Back to bug 1369504
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-08-23 15:11:52 UTC | Depends On | 1369505 | |
| Adam Mariš | 2016-08-23 15:12:00 UTC | Depends On | 1369506 | |
| Adam Mariš | 2016-08-23 15:12:09 UTC | Depends On | 1369507 | |
| Adam Mariš | 2016-08-23 15:13:29 UTC | Blocks | 1369509 | |
| Norman Sardella | 2016-08-24 08:47:42 UTC | CC | sardella | |
| Slawomir Czarko | 2016-08-24 09:01:16 UTC | CC | slawomir | |
| Tomas Hoger | 2016-08-25 11:11:49 UTC | Blocks | 1369509 | 1367347 |
| Tomas Hoger | 2016-09-19 20:50:13 UTC | Summary | CVE-2016-2179 openssl: DoS attack by filling up the queue for future messages | CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer |
| Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=new,rhel-6/openssl098e=new,rhel-7/openssl=new,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=affected,rhel-6/openssl098e=new,rhel-7/openssl=affected,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | ||
| Tomas Hoger | 2016-09-20 08:47:42 UTC | Depends On | 1377623 | |
| Tomas Hoger | 2016-09-20 08:47:52 UTC | Depends On | 1377624 | |
| Tomas Hoger | 2016-09-20 08:48:04 UTC | Depends On | 1377625 | |
| Tomas Hoger | 2016-09-20 08:48:11 UTC | Depends On | 1377626 | |
| Tomas Hoger | 2016-09-21 11:16:23 UTC | Doc Text | It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. | |
| Tomas Hoger | 2016-09-22 12:05:40 UTC | Fixed In Version | openssl 1.0.1u, openssl 1.0.2i | |
| Huzaifa S. Sidhpurwala | 2016-09-23 10:27:27 UTC | Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=affected,rhel-6/openssl098e=new,rhel-7/openssl=affected,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Yasuhiro Ozone | 2016-09-26 09:43:29 UTC | CC | yozone | |
| Apurbita Mukherjee | 2016-09-26 13:23:32 UTC | CC | apmukher | |
| Jay Shin | 2016-09-28 00:45:28 UTC | CC | jaeshin | |
| Link ID | Red Hat Knowledge Base (Solution) 2662211 | |||
| Timothy Walsh | 2016-10-05 06:21:24 UTC | Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Timothy Walsh | 2016-10-05 06:21:37 UTC | CC | mturk | |
| Timothy Walsh | 2016-10-05 06:22:31 UTC | Depends On | 1381811 | |
| Timothy Walsh | 2016-10-05 06:22:42 UTC | Depends On | 1381812 | |
| Timothy Walsh | 2017-02-21 04:37:35 UTC | Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=defer,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Timothy Walsh | 2017-08-23 02:32:23 UTC | CC | jshepherd | |
| Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=defer,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=notaffected,jbcs-1/openssl=notaffected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | ||
| Bharti Kundal | 2017-11-01 05:43:04 UTC | CC | apintea, bkundal, chazlett, dimitris, fgavrilo, jondruse, pjurak, ppalaga, rstancel, sstavrev | |
| Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=notaffected,jbcs-1/openssl=notaffected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=notaffected,jbcs-1/openssl=notaffected,eap-6/openssl=notaffected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | ||
| PnT Account Manager | 2018-06-01 21:39:01 UTC | CC | sstavrev | |
| PnT Account Manager | 2018-10-19 21:37:14 UTC | CC | bkundal | |
| PnT Account Manager | 2019-04-05 03:14:54 UTC | CC | apintea | |
| Product Security DevOps Team | 2019-06-08 02:57:47 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:57:47 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=moderate,public=20160630,reported=20160822,source=suse,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-772,rhel-5/openssl=wontfix,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=wontfix,jbews-3/openssl=notaffected,jbcs-1/openssl=notaffected,eap-6/openssl=notaffected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
Back to bug 1369504