Back to bug 1377376
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-09-19 13:56:57 UTC | CC | security-response-team | |
| Andrej Nemec | 2016-09-19 14:01:35 UTC | Blocks | 1377379 | |
| Summer Long | 2016-09-22 04:01:36 UTC | Whiteboard | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=new,openstack-6/python-django=new,openstack-7/python-django=new,openstack-7-optools/python-django=new,openstack-8/python-django=new,openstack-8-optools/python-django=new,openstack-9/python-django=new,openstack-10/python-django=new,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=new,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=new,openstack-6/python-django=new,openstack-7/python-django=new,openstack-7-optools/python-django=new,openstack-8/python-django=new,openstack-8-optools/python-django=new,openstack-9/python-django=new,openstack-10/python-django=new,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=new,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Summer Long | 2016-09-22 04:24:29 UTC | CC | slong | |
| Flags | needinfo?(mrunge) | |||
| Matthias Runge | 2016-09-22 06:05:14 UTC | Flags | needinfo?(mrunge) | |
| Summer Long | 2016-09-22 23:52:21 UTC | Whiteboard | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=new,openstack-6/python-django=new,openstack-7/python-django=new,openstack-7-optools/python-django=new,openstack-8/python-django=new,openstack-8-optools/python-django=new,openstack-9/python-django=new,openstack-10/python-django=new,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=new,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=new,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Summer Long | 2016-09-22 23:54:21 UTC | Depends On | 1378620 | |
| Summer Long | 2016-09-22 23:54:34 UTC | Depends On | 1378621 | |
| Summer Long | 2016-09-22 23:54:47 UTC | Depends On | 1378622 | |
| Summer Long | 2016-09-22 23:54:59 UTC | Depends On | 1378623 | |
| Summer Long | 2016-09-22 23:57:50 UTC | Depends On | 1378624 | |
| Summer Long | 2016-09-22 23:58:02 UTC | Depends On | 1378625 | |
| Summer Long | 2016-09-22 23:58:15 UTC | Depends On | 1378626 | |
| Summer Long | 2016-09-22 23:59:55 UTC | Depends On | 1378627 | |
| Summer Long | 2016-09-23 00:00:08 UTC | Depends On | 1378628 | |
| Summer Long | 2016-09-23 00:00:21 UTC | Depends On | 1378629 | |
| Summer Long | 2016-09-23 00:00:33 UTC | Depends On | 1378630 | |
| Summer Long | 2016-09-23 04:52:56 UTC | Summary | EMBARGOED CVE-2016-7401 django: CSRF protection bypass on a site with Google Analytics | EMBARGOED CVE-2016-7401 python-django: CSRF protection bypass on a site with Google Analytics |
| Kurt Seifried | 2016-09-23 17:09:44 UTC | Whiteboard | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=new,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Jon Schlueter | 2016-09-23 19:25:34 UTC | CC | jjoyce | |
| Jon Schlueter | 2016-09-24 01:09:30 UTC | CC | mburns | |
| Siddharth Sharma | 2016-09-26 03:52:25 UTC | CC | sisharma | |
| Whiteboard | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-1.2/Django=new,ceph-1.3/Django=new,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | ||
| Summer Long | 2016-09-26 23:49:32 UTC | Whiteboard | impact=moderate,public=no,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Summer Long | 2016-09-26 23:49:40 UTC | Summary | EMBARGOED CVE-2016-7401 python-django: CSRF protection bypass on a site with Google Analytics | CVE-2016-7401 python-django: CSRF protection bypass on a site with Google Analytics |
| Summer Long | 2016-09-26 23:49:48 UTC | Group | security, qe_staff | |
| Summer Long | 2016-09-26 23:57:31 UTC | Depends On | 1379486 | |
| Summer Long | 2016-09-26 23:57:44 UTC | Depends On | 1379487 | |
| Summer Long | 2016-09-26 23:57:51 UTC | Depends On | 1379488 | |
| Summer Long | 2016-09-26 23:58:00 UTC | Depends On | 1379489 | |
| Summer Long | 2016-09-27 02:44:12 UTC | Doc Text | A CSRF flaw was found in Django, where an interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection. In this update, the parser for ``request.COOKIES`` has been simplified to better match browser behavior and to mitigate this attack. ``request.COOKIES`` may now contain cookies that are invalid according to RFC 6265 but are possible to set using ``document.cookie``. |
|
| Eric Christensen | 2016-09-27 16:24:26 UTC | Doc Text | A CSRF flaw was found in Django, where an interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection. In this update, the parser for ``request.COOKIES`` has been simplified to better match browser behavior and to mitigate this attack. ``request.COOKIES`` may now contain cookies that are invalid according to RFC 6265 but are possible to set using ``document.cookie``. | A CSRF flaw was found in Django, where an interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection. In this update, the parser for ''request.COOKIES'' has been simplified to better match browser behavior and to mitigate this attack. ''request.COOKIES'' may now contain cookies that are invalid according to RFC 6265 but are possible to set using ''document.cookie''. |
| Summer Long | 2016-09-28 01:21:15 UTC | CC | sparks | |
| Flags | needinfo?(sparks) | |||
| Eric Christensen | 2016-09-28 15:22:30 UTC | Flags | needinfo?(sparks) | |
| Eric Christensen | 2016-09-28 15:22:59 UTC | CC | sparks | |
| Summer Long | 2016-09-28 23:09:11 UTC | CC | sparks | |
| Flags | needinfo?(sparks) | |||
| Eric Christensen | 2016-09-29 19:34:13 UTC | Flags | needinfo?(sparks) | |
| Eric Christensen | 2016-09-29 20:08:50 UTC | CC | sparks | |
| Siddharth Sharma | 2016-10-04 13:36:53 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Summer Long | 2016-10-05 05:54:31 UTC | CC | sparks | |
| Flags | needinfo?(sparks) | |||
| Eric Christensen | 2016-10-05 20:53:12 UTC | CC | sparks | |
| Flags | needinfo?(sparks) | |||
| Summer Long | 2016-10-10 00:16:35 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Summer Long | 2016-10-10 04:02:00 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2.0/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected |
| Garth Mollett | 2016-11-22 00:48:06 UTC | CC | gmollett | |
| Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=affected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=notaffected | ||
| Summer Long | 2016-12-16 00:32:31 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=affected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=notaffected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=notaffected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=notaffected |
| Summer Long | 2017-01-19 02:56:04 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-01-18 21:56:04 UTC | |||
| Joshua Padman | 2018-09-24 02:13:03 UTC | CC | rhos-maint, slinaber | |
| Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=affected,openstack-8/python-django=affected,openstack-8-optools/python-django=affected,openstack-9/python-django=affected,openstack-10/python-django=notaffected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=affected,openstack-10-optools/python-django=notaffected | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=wontfix,openstack-8/python-django=affected,openstack-8-optools/python-django=wontfix,openstack-9/python-django=affected,openstack-10/python-django=notaffected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=wontfix,openstack-10-optools/python-django=notaffected | ||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160919,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=6.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-352,openstack-5/python-django=affected,openstack-6/python-django=affected,openstack-7/python-django=affected,openstack-7-optools/python-django=wontfix,openstack-8/python-django=affected,openstack-8-optools/python-django=wontfix,openstack-9/python-django=affected,openstack-10/python-django=notaffected,openstack-rdo/python-django-horizon=new,openstack-rdo/python-django-openstack-auth=new,openstack-rdo/python-django=new,ceph-2/Django=notaffected,ceph-1.3/Django=notaffected,sam-1/Django=notaffected,fedora-all/python-django=affected,epel-6/Django14=affected,epel-6/python-django15=affected,epel-7/python-django=affected,openstack-9-optools/python-django=wontfix,openstack-10-optools/python-django=notaffected | |
| Hardik Vyas | 2020-10-09 07:01:31 UTC | CC | hvyas |
Back to bug 1377376