Back to bug 1328022
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Hoger | 2016-04-18 08:56:53 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-04-18 08:56:53 UTC | Doc Type | --- | Bug Fix |
| Tomas Hoger | 2016-04-18 08:56:58 UTC | Blocks | 1324915 | |
| Tomas Hoger | 2016-04-19 20:33:43 UTC | Priority | medium | low |
| Summary | EMBARGOED CVE-2016-0695 OpenJDK: insufficient DSA parameters checks (Security, 8138593) | EMBARGOED CVE-2016-0695 OpenJDK: insufficient DSA key parameters checks (Security, 8138593) | ||
| Whiteboard | impact=moderate,public=20160419,reported=20160415,source=oracle,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected | impact=low,public=20160419,reported=20160415,source=oracle,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected | ||
| Severity | medium | low | ||
| Tomas Hoger | 2016-04-19 20:54:26 UTC | Whiteboard | impact=low,public=20160419,reported=20160415,source=oracle,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected | impact=low,public=20160419,reported=20160415,source=oracle,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
| Tomas Hoger | 2016-04-19 20:59:36 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-0695 OpenJDK: insufficient DSA key parameters checks (Security, 8138593) | CVE-2016-0695 OpenJDK: insufficient DSA key parameters checks (Security, 8138593) | ||
| Tomas Hoger | 2016-04-20 19:48:32 UTC | Doc Text | It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. | |
| John Skeoch | 2016-05-05 04:41:45 UTC | CC | sbaiduzh | oskutka |
| Ondrej Skutka | 2016-05-09 14:34:58 UTC | CC | oskutka | |
| Tomas Hoger | 2016-05-09 14:41:25 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-05-09 10:41:25 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:47:33 UTC | Whiteboard | impact=low,public=20160419,reported=20160415,source=oracle,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
Back to bug 1328022