Back to bug 1326251
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-04-12 09:07:22 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-04-12 09:07:22 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-04-12 09:09:39 UTC | Blocks | 1325942 | |
| Adam Mariš | 2016-04-12 09:10:54 UTC | CC | jcline, rbarlow | |
| Adam Mariš | 2016-04-12 14:31:44 UTC | Summary | EMBARGOED pulp: Race condition when generating RSA keys for authenticating messages between server and consumers | EMBARGOED CVE-2016-3111 pulp: Race condition when generating RSA keys for authenticating messages between server and consumers |
| Alias | CVE-2016-3111 | |||
| Jeremy Cline | 2016-04-12 15:38:07 UTC | CC | amaris | |
| Attachment #1146522 Flags | review?(amaris) | |||
| Kurt Seifried | 2016-04-13 16:50:14 UTC | Whiteboard | impact=low,public=no,reported=20160408,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-362,rhn_satellite_6/pulp=new,rhui-2/pulp=new | impact=low,public=20160413,reported=20160408,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-362,rhn_satellite_6/pulp=new,rhui-2/pulp=new |
| Kurt Seifried | 2016-04-13 16:50:46 UTC | Summary | EMBARGOED CVE-2016-3111 pulp: Race condition when generating RSA keys for authenticating messages between server and consumers | CVE-2016-3111 pulp: Race condition when generating RSA keys for authenticating messages between server and consumers |
| Kurt Seifried | 2016-04-13 16:50:49 UTC | Group | security, qe_staff | |
| Kurt Seifried | 2016-04-13 18:32:10 UTC | Whiteboard | impact=low,public=20160413,reported=20160408,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-362,rhn_satellite_6/pulp=new,rhui-2/pulp=new | impact=low,public=20160413,reported=20160408,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-362,rhn_satellite_6/pulp=affected,rhui-2/pulp=wontfix |
| Kurt Seifried | 2016-04-13 18:35:06 UTC | Depends On | 1326913 | |
| Kurt Seifried | 2016-04-13 18:36:15 UTC | Depends On | 1326919 | |
| Kurt Seifried | 2016-05-05 20:31:57 UTC | CC | jmatthew, tsanders | |
| Kurt Seifried | 2016-09-19 18:58:17 UTC | Doc Text | It was found that the private RSA key was created in a directory that is world-readable for a small amount of time. A local user could possibly use this flaw to gain access to the private key information in the file. | |
| Kurt Seifried | 2016-09-19 19:03:05 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-09-19 15:03:05 UTC | |||
| Adam Mariš | 2016-11-08 16:09:22 UTC | CC | amaris | |
| Adam Mariš | 2017-01-05 11:14:12 UTC | Attachment #1146522 Flags | review?(amaris) | |
| Product Security DevOps Team | 2019-09-29 13:46:44 UTC | Whiteboard | impact=low,public=20160413,reported=20160408,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-362,rhn_satellite_6/pulp=affected,rhui-2/pulp=wontfix |
Back to bug 1326251