Back to bug 1372117
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jason Shepherd | 2016-09-01 00:31:39 UTC | Blocks | 1371804 | |
| Jason Shepherd | 2016-09-01 00:32:16 UTC | Depends On | 1372118 | |
| Jason Shepherd | 2016-09-01 01:32:50 UTC | Doc Text | It was found that there was insufficient use of randam values in RESTEasy async jobs. An attacker could use this flaw to steal user data. | |
| Jason Shepherd | 2016-09-01 02:18:36 UTC | Blocks | 1372141 | |
| Jason Shepherd | 2016-09-01 04:42:57 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=new,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=new,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix |
| Jason Shepherd | 2016-09-01 04:52:39 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=new,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix |
| Jason Shepherd | 2016-09-01 04:58:07 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix |
| Jason Shepherd | 2016-09-02 05:35:26 UTC | Blocks | 1372565 | |
| Jason Shepherd | 2016-09-02 05:38:37 UTC | Blocks | 1372568 | |
| Jason Shepherd | 2016-09-02 05:42:39 UTC | Blocks | 1372571 | |
| Adam Mariš | 2016-09-02 08:37:22 UTC | CC | amaris | |
| Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | ||
| Pavel Polischouk | 2016-09-02 21:59:00 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix |
| Hooman Broujerdi | 2016-09-05 03:22:02 UTC | CC | hghasemb | |
| Hooman Broujerdi | 2016-09-05 05:17:58 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix |
| Adam Mariš | 2016-11-08 16:12:30 UTC | CC | amaris | |
| huangyankun | 2017-04-05 01:27:39 UTC | CC | 870022574 | |
| Kurt Seifried | 2017-07-14 21:14:53 UTC | CC | lzap, mhulan, tbrisker | |
| Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=wontfix | ||
| Kurt Seifried | 2017-07-14 21:15:50 UTC | Depends On | 1471273, 1471274 | |
| Bryan Kearney | 2017-08-08 20:44:59 UTC | CC | bcourt, mstead | |
| Kurt Seifried | 2017-08-11 20:37:56 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=wontfix |
| Kurt Seifried | 2017-08-11 20:40:21 UTC | Depends On | 1480769 | |
| Scott Herold | 2017-09-12 15:27:03 UTC | CC | sherold | |
| PnT Account Manager | 2017-12-07 23:57:56 UTC | CC | felias | |
| Oved Ourfali | 2018-01-04 09:47:35 UTC | CC | oourfali | |
| PnT Account Manager | 2018-01-30 20:39:37 UTC | CC | hchiorea | |
| PnT Account Manager | 2018-02-06 19:24:12 UTC | CC | hfnukal | |
| PnT Account Manager | 2018-03-05 15:02:57 UTC | CC | bazulay | |
| Chess Hazlett | 2018-04-20 15:35:24 UTC | CC | drieden, pdrozd, sthorger | |
| Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=new,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=wontfix | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=notaffected,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=wontfix,jdg-7/resteasy=affected | ||
| PnT Account Manager | 2018-05-10 18:17:25 UTC | CC | pavelp | |
| PnT Account Manager | 2018-06-29 22:13:54 UTC | CC | kseifried | |
| PnT Account Manager | 2018-11-05 22:46:23 UTC | CC | ylavi | |
| PnT Account Manager | 2018-11-09 22:32:01 UTC | CC | hghasemb | |
| Gil Klein | 2019-04-14 12:40:25 UTC | CC | gklein | |
| PnT Account Manager | 2019-04-22 21:31:04 UTC | CC | tjay | |
| Marek Goldmann | 2019-06-08 07:55:53 UTC | CC | mgoldman | |
| Lukáš Petrovický | 2019-09-24 14:08:22 UTC | CC | lpetrovi | |
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.1/AV:N/AC:H/Au:S/C:P/I:N/A:N,cvss3=3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N,cwe=CWE-330,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/resteasy=wontfix,brms-6/resteasy=wontfix,jdg-6/Build=notaffected,jdv-6/resteasy=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/resteasy=wontfix,fuse-6/SwitchYard=wontfix,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=wontfix,jdg-7/resteasy=affected | |
| PnT Account Manager | 2019-11-05 01:06:52 UTC | CC | psakar | |
| Jeff Fearn 🐞 | 2020-04-27 01:34:16 UTC | CC | jbpapp-maint | |
| Jeff Fearn 🐞 | 2020-04-27 01:37:45 UTC | CC | Rhev-m-bugs | |
| PnT Account Manager | 2020-10-16 22:24:47 UTC | CC | pgier | |
| PnT Account Manager | 2020-10-20 21:09:07 UTC | CC | vhalbert | |
| PnT Account Manager | 2020-11-12 22:19:41 UTC | CC | miburman | |
| Cedric Buissart | 2021-01-08 16:48:30 UTC | Depends On | 1914368 | |
| Cedric Buissart | 2021-01-08 16:52:51 UTC | Fixed In Version | resteasy 3.1.0.CR1, resteasy 3.0.20.Final | |
| Red Hat Bugzilla | 2021-03-23 23:38:37 UTC | CC | dblechte | |
| Red Hat Bugzilla | 2021-09-01 04:30:08 UTC | CC | spinder | |
| Red Hat Bugzilla | 2021-10-15 11:52:06 UTC | CC | kconner | |
| Joshua Padman | 2021-10-21 00:54:38 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-10-21 00:54:38 UTC | |||
| Tomer Brisker | 2021-12-14 18:47:58 UTC | CC | tbrisker |
Back to bug 1372117