Back to bug 1369383
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-08-23 09:15:20 UTC | CC | security-response-team | |
| Adam Mariš | 2016-08-23 09:25:57 UTC | Blocks | 1369388 | |
| Huzaifa S. Sidhpurwala | 2016-08-23 10:23:08 UTC | Summary | EMBARGOED CVE-2016-2183 tls: Birthday attack against 64-bit block ciphers (SWEET32) | EMBARGOED CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) |
| Whiteboard | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=new,rhel-6/openssl098e=new,rhel-7/openssl=new,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | ||
| Huzaifa S. Sidhpurwala | 2016-08-23 10:28:32 UTC | Whiteboard | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=new,rhel-6/nss=new,rhel-7/nss=new,fedora-all/nss=new,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new |
| Huzaifa S. Sidhpurwala | 2016-08-24 06:23:10 UTC | Whiteboard | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=new,rhel-6/nss=new,rhel-7/nss=new,fedora-all/nss=new,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new |
| Huzaifa S. Sidhpurwala | 2016-08-24 08:48:38 UTC | Doc Text | A protocol flaw was found in the DES/3DES cipher, used as a part of the SSL/TLS protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between the SSL/TLS server and the client. | |
| Huzaifa S. Sidhpurwala | 2016-08-24 08:51:26 UTC | Doc Text | A protocol flaw was found in the DES/3DES cipher, used as a part of the SSL/TLS protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between the SSL/TLS server and the client. | A protocol flaw was found in the DES/3DES cipher, used as a part of the SSL/TLS protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between the SSL/TLS server and the client if the communication uses a DES/3DES based ciphersuite. |
| Huzaifa S. Sidhpurwala | 2016-08-24 13:59:47 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) | CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) | ||
| Whiteboard | impact=moderate,public=no,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new | ||
| Slawomir Czarko | 2016-08-25 09:18:25 UTC | CC | ykawada | |
| CC | slawomir | |||
| Huzaifa S. Sidhpurwala | 2016-08-25 13:19:48 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=new,rhel-6/gnutls=new,rhel-7/gnutls=new,fedora-all/gnutls=new | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected |
| Norman Sardella | 2016-08-25 18:22:36 UTC | CC | sardella | |
| Yasuhiro Ozone | 2016-09-05 01:15:06 UTC | CC | yozone | |
| Tomas Hoger | 2016-09-20 08:36:07 UTC | Alias | SWEET32 | |
| Tomas Hoger | 2016-09-21 09:33:46 UTC | Depends On | 1377991 | |
| Tomas Hoger | 2016-09-21 09:33:50 UTC | Depends On | 1377992 | |
| Tomas Hoger | 2016-09-21 09:33:55 UTC | Depends On | 1377993 | |
| Tomas Hoger | 2016-09-21 09:33:59 UTC | Depends On | 1377995 | |
| Tomas Hoger | 2016-09-21 14:10:41 UTC | Doc Text | A protocol flaw was found in the DES/3DES cipher, used as a part of the SSL/TLS protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between the SSL/TLS server and the client if the communication uses a DES/3DES based ciphersuite. | A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. |
| Apurbita Mukherjee | 2016-09-23 17:08:30 UTC | CC | apmukher | |
| Timothy Walsh | 2016-10-04 06:29:11 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected |
| Timothy Walsh | 2016-10-04 06:29:24 UTC | CC | mturk | |
| Timothy Walsh | 2016-10-04 06:31:46 UTC | Depends On | 1381440 | |
| Timothy Walsh | 2016-10-04 06:31:59 UTC | Depends On | 1381441 | |
| Timothy Walsh | 2016-10-04 12:37:02 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected |
| Timothy Walsh | 2016-10-04 12:38:12 UTC | Depends On | 1381552 | |
| kat | 2016-10-11 19:23:57 UTC | CC | kbost | |
| Huzaifa S. Sidhpurwala | 2016-10-25 07:52:09 UTC | CC | hasuzuki | |
| Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=affected,rhel-6/gnutls=affected,rhel-7/gnutls=affected,fedora-all/gnutls=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=affected | ||
| Huzaifa S. Sidhpurwala | 2016-10-26 05:00:27 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=affected |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:02:27 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:03:50 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:07:52 UTC | Depends On | 1388742 | |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:08:02 UTC | Depends On | 1388743 | |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:08:17 UTC | Depends On | 1388744 | |
| Huzaifa S. Sidhpurwala | 2016-10-26 05:08:27 UTC | Depends On | 1388745 | |
| Jason Shepherd | 2016-11-06 22:50:17 UTC | CC | jshepherd | |
| Summer Long | 2016-11-10 21:56:56 UTC | CC | slong | |
| Summer Long | 2017-01-05 04:46:28 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=affected,openstack-9/opendaylight=affected,openstack-10/opendaylight=affected,openstack-11/opendaylight=affected |
| Summer Long | 2017-01-05 04:46:51 UTC | CC | aortega, apevec, ayoung, chrisw, cvsbot-xmlrpc, jschluet, kbasil, lhh, lpeer, markmc, mkolesni, nyechiel, rbryant, sclewis, tdecacqu | |
| Summer Long | 2017-01-05 04:51:02 UTC | Depends On | 1410303 | |
| Summer Long | 2017-01-05 04:51:14 UTC | Depends On | 1410304 | |
| Summer Long | 2017-01-05 04:51:27 UTC | Depends On | 1410305 | |
| Summer Long | 2017-01-05 04:51:49 UTC | Depends On | 1410306 | |
| Summer Long | 2017-01-12 01:50:25 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=affected,openstack-9/opendaylight=affected,openstack-10/opendaylight=affected,openstack-11/opendaylight=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix |
| Tomas Hoger | 2017-01-17 12:42:13 UTC | Blocks | 1410614 | |
| Tomas Hoger | 2017-01-17 18:27:28 UTC | Doc Text | A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. | A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. |
| Tomas Hoger | 2017-02-27 21:42:10 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected |
| Tomas Hoger | 2017-02-27 21:44:08 UTC | Depends On | 1427313 | |
| Tomas Hoger | 2017-02-27 21:44:13 UTC | Depends On | 1427314 | |
| Tomas Hoger | 2017-02-27 21:44:18 UTC | Depends On | 1427315 | |
| Tomas Hoger | 2017-02-27 21:44:22 UTC | Depends On | 1427316 | |
| Ganesh | 2017-05-01 23:28:27 UTC | CC | gnaik | |
| Timothy Walsh | 2017-09-12 00:49:00 UTC | Blocks | 1490666 | |
| Ján Rusnačko | 2017-10-16 11:01:51 UTC | CC | jrusnack | |
| Timothy Walsh | 2017-10-30 23:15:36 UTC | Blocks | 1507692 | |
| Jan Stefl | 2017-11-02 12:28:14 UTC | Depends On | 1508872 | |
| Richa | 2017-11-02 16:27:16 UTC | Blocks | 1509003 | |
| Timothy Walsh | 2017-11-03 08:42:48 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=wontfix,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected |
| Adam Young | 2017-11-03 17:12:01 UTC | CC | ayoung | |
| Timothy Walsh | 2017-11-15 02:07:20 UTC | Blocks | 1513244 | |
| Vincent Danen | 2017-11-17 17:51:04 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-11-17 12:51:04 UTC | |||
| errata-xmlrpc | 2018-07-03 14:07:14 UTC | Link ID | Red Hat Product Errata RHSA-2018:2123 | |
| errata-xmlrpc | 2019-05-20 14:12:39 UTC | Link ID | Red Hat Product Errata RHSA-2019:1245 | |
| Jason Shepherd | 2019-09-09 22:49:46 UTC | CC | ahardin, bleanhar, ccoleman, dedgar, eparis, jgoulding, jokerman, mchappel, nstielau | |
| Jason Shepherd | 2019-09-09 22:52:38 UTC | Depends On | 1748212 | |
| Jason Shepherd | 2019-09-23 08:16:15 UTC | Depends On | 1716428 | |
| Jason Shepherd | 2019-09-23 08:20:09 UTC | Depends On | 1745435 | |
| Jason Shepherd | 2019-09-23 08:27:43 UTC | Depends On | 1745430 | |
| Jason Shepherd | 2019-09-23 08:33:12 UTC | Depends On | 1745433 | |
| Jason Shepherd | 2019-09-23 08:36:46 UTC | Depends On | 1745431 | |
| errata-xmlrpc | 2019-09-27 00:14:46 UTC | Link ID | Red Hat Product Errata RHSA-2019:2859 | |
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=moderate,public=20160824,reported=20160818,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-327,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=wontfix,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=wontfix,rhel-6/nss=wontfix,rhel-7/nss=wontfix,fedora-all/nss=affected,rhel-5/gnutls=notaffected,rhel-6/gnutls=notaffected,rhel-7/gnutls=notaffected,fedora-all/gnutls=notaffected,openstack-8/opendaylight=wontfix,openstack-9/opendaylight=wontfix,openstack-10/opendaylight=wontfix,openstack-11/opendaylight=wontfix,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected | |
| Jason Shepherd | 2019-11-18 22:12:40 UTC | CC | aos-bugs, bmontgom, jburrell, spadgett, sponnaga | |
| Jason Shepherd | 2019-11-18 22:15:43 UTC | Depends On | 1773788, 1773786, 1773787 | |
| Ján Rusnačko | 2019-11-19 08:39:33 UTC | CC | jrusnack | |
| Jason Shepherd | 2019-11-27 01:21:46 UTC | Depends On | 1777129 | |
| errata-xmlrpc | 2020-02-19 20:13:57 UTC | Link ID | Red Hat Product Errata RHSA-2020:0451 | |
| Sam Fowler | 2020-03-18 01:39:19 UTC | CC | bpeterse | |
| Sam Fowler | 2020-06-08 08:26:50 UTC | Depends On | 1840253 | |
| CC | amurdaca, mfojtik, sttts | |||
| Sam Fowler | 2020-06-08 08:44:37 UTC | Depends On | 1844989, 1844990 | |
| Sam Fowler | 2020-06-29 05:07:34 UTC | CC | sbatsche | |
| Sam Fowler | 2020-06-29 05:09:34 UTC | Depends On | 1851810 | |
| Sam Fowler | 2020-06-29 05:11:26 UTC | Depends On | 1851811 | |
| Sam Fowler | 2020-07-07 23:13:19 UTC | Depends On | 1851811 | |
| errata-xmlrpc | 2020-10-01 00:15:48 UTC | Link ID | Red Hat Product Errata RHSA-2020:3842 | |
| Sam Batschelet | 2021-01-20 11:43:17 UTC | Depends On | 1918281 | |
| Sam Fowler | 2021-02-02 02:08:58 UTC | CC | alegrand, anpicker, erooth, kakkoyun, lcosic, mloibl, pkrupa, surbania | |
| Sam Fowler | 2021-02-02 02:11:14 UTC | Depends On | 1923823 | |
| errata-xmlrpc | 2021-02-08 13:50:44 UTC | Link ID | Red Hat Product Errata RHSA-2021:0308 | |
| errata-xmlrpc | 2021-07-27 22:31:24 UTC | Link ID | Red Hat Product Errata RHSA-2021:2438 | |
| oarribas | 2021-09-15 17:20:19 UTC | Flags | needinfo?(security-response-team) | |
| CC | oarribas | |||
| Product Security DevOps Team | 2021-09-15 17:52:21 UTC | CC | huzaifas | |
| Flags | needinfo?(security-response-team) | needinfo?(huzaifas) | ||
| Huzaifa S. Sidhpurwala | 2021-09-20 04:13:58 UTC | Flags | needinfo?(huzaifas) | needinfo?(sfowler) |
| CC | sfowler | |||
| Sam Fowler | 2021-09-20 04:22:16 UTC | Flags | needinfo?(sfowler) | |
| Rutvik | 2022-04-19 19:27:59 UTC | CC | rkshirsa | |
| Flags | needinfo?(sfowler) | |||
| Sam Fowler | 2022-04-26 00:28:47 UTC | Flags | needinfo?(sfowler) | |
| Avinash Hanwate | 2022-06-14 05:36:59 UTC | CC | aos-install, ocp-storage-bot | |
| Sandipan Roy | 2022-06-14 05:55:04 UTC | Depends On | 2090662 | |
| Andre | 2022-08-24 13:32:19 UTC | CC | meeuw2000 |
Back to bug 1369383