Back to bug 1377600
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Hoger | 2016-09-20 08:10:27 UTC | CC | security-response-team | |
| Tomas Hoger | 2016-09-20 08:10:38 UTC | Blocks | 1367347 | |
| Tomas Hoger | 2016-09-20 08:17:09 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-5/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Tomas Hoger | 2016-09-20 08:47:42 UTC | Depends On | 1377623 | |
| Tomas Hoger | 2016-09-20 08:47:52 UTC | Depends On | 1377624 | |
| Tomas Hoger | 2016-09-20 08:48:04 UTC | Depends On | 1377625 | |
| Tomas Hoger | 2016-09-20 08:48:11 UTC | Depends On | 1377626 | |
| Stanislav Zidek | 2016-09-20 09:35:50 UTC | CC | szidek | |
| Tomas Hoger | 2016-09-21 11:32:59 UTC | Doc Text | A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. | |
| Tomas Hoger | 2016-09-21 21:36:22 UTC | Attachment #1202766 Attachment is obsolete | 0 | 1 |
| Tomas Hoger | 2016-09-21 21:36:44 UTC | Attachment #1202768 Attachment is obsolete | 0 | 1 |
| Tomas Hoger | 2016-09-22 10:58:27 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth | CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth | ||
| Tomas Hoger | 2016-09-22 11:02:52 UTC | Depends On | 1378408 | |
| Tomas Hoger | 2016-09-22 11:03:01 UTC | Depends On | 1378409 | |
| Tomas Hoger | 2016-09-22 11:03:11 UTC | Depends On | 1378410 | |
| Tomas Hoger | 2016-09-22 11:03:22 UTC | Depends On | 1378411 | |
| Norman Sardella | 2016-09-22 12:39:14 UTC | CC | sardella | |
| Pete Philips | 2016-09-22 12:44:31 UTC | CC | pete.philips | |
| James Boyle | 2016-09-22 13:40:56 UTC | CC | unixi | |
| Slawomir Czarko | 2016-09-22 16:29:57 UTC | CC | slawomir | |
| Muhammad Azhar Shaikh | 2016-09-23 10:47:07 UTC | CC | mdshaikh | |
| Vadym Chepkov | 2016-09-25 12:56:56 UTC | CC | vchepkov | |
| Yoshinori Takahashi | 2016-09-26 00:11:26 UTC | CC | helge.wiethoff | |
| CC | hkim | |||
| Yasuhiro Ozone | 2016-09-26 09:21:14 UTC | CC | hasuzuki | |
| CC | yozone | |||
| Apurbita Mukherjee | 2016-09-26 13:21:20 UTC | CC | apmukher | |
| kfujii | 2016-09-27 06:43:17 UTC | CC | kfujii | |
| Jay Shin | 2016-09-28 00:43:23 UTC | CC | jaeshin | |
| Link ID | Red Hat Knowledge Base (Solution) 2662211 | |||
| Timothy Walsh | 2016-10-04 07:52:00 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-5/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=affected,jbews-2/openssl=new,jbews-3/openssl=affected,eap-5/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Timothy Walsh | 2016-10-04 12:42:40 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=affected,jbews-2/openssl=new,jbews-3/openssl=affected,eap-5/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Timothy Walsh | 2016-10-04 12:42:49 UTC | CC | csutherl, jclere, mbabacek, mturk, twalsh | |
| Timothy Walsh | 2016-10-04 12:43:35 UTC | Depends On | 1381558 | |
| Timothy Walsh | 2016-10-04 12:44:03 UTC | Depends On | 1381559 | |
| Timothy Walsh | 2016-10-04 12:44:17 UTC | Depends On | 1381560 | |
| Timothy Walsh | 2016-10-04 12:55:33 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=notaffected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Timothy Walsh | 2016-10-05 03:00:22 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=notaffected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Adam Mariš | 2016-10-27 14:05:47 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6.2.z/openssl=affected,rhel-6.4.z/openssl=affected,rhel-6.5.z/openssl=affected,rhel-6.6.z/openssl=affected,rhel-6.7.z/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
| Adam Mariš | 2016-10-27 14:07:23 UTC | Depends On | 1389394 | |
| Adam Mariš | 2016-10-27 14:07:27 UTC | Depends On | 1389395 | |
| Adam Mariš | 2016-10-27 14:07:31 UTC | Depends On | 1389396 | |
| Adam Mariš | 2016-10-27 14:07:35 UTC | Depends On | 1389397 | |
| Adam Mariš | 2016-10-27 14:07:40 UTC | Depends On | 1389398 | |
| Timothy Walsh | 2017-02-21 04:51:17 UTC | CC | bbaranow, bmaxwell, cdewolf, dandread, darran.lofthouse, dosoudil, erik-fedora, gzaronik, huwang, jawilson, ktietz, lgao, marcandre.lureau, myarboro, pgier, psakar, pslavice, redhat-bugzilla, rjones, rnetuka, rsvoboda, vtunka, weli | |
| Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6.2.z/openssl=affected,rhel-6.4.z/openssl=affected,rhel-6.5.z/openssl=affected,rhel-6.6.z/openssl=affected,rhel-6.7.z/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6.2.z/openssl=affected,rhel-6.4.z/openssl=affected,rhel-6.5.z/openssl=affected,rhel-6.6.z/openssl=affected,rhel-6.7.z/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=defer,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected | ||
| Adam Mariš | 2017-03-07 14:32:57 UTC | Depends On | 1429941 | |
| Timothy Walsh | 2017-06-02 11:02:17 UTC | Blocks | 1457678 | |
| Timothy Walsh | 2017-06-15 10:21:20 UTC | Blocks | 1446026 | |
| Timothy Walsh | 2017-06-15 10:53:11 UTC | Blocks | 1461790 | |
| Richa | 2017-08-08 15:51:39 UTC | Blocks | 1479475 | |
| Timothy Walsh | 2017-08-28 05:23:36 UTC | CC | krathod | |
| PnT Account Manager | 2018-01-30 14:46:14 UTC | CC | hkim | |
| PnT Account Manager | 2018-08-27 21:30:37 UTC | CC | mdshaikh | |
| Product Security DevOps Team | 2019-06-08 02:58:55 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:58:55 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=important,public=20160922,reported=20160919,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-4/openssl=notaffected,rhel-5/openssl=notaffected,rhel-5/openssl097a=notaffected,rhel-6/openssl=affected,rhel-6.2.z/openssl=affected,rhel-6.4.z/openssl=affected,rhel-6.5.z/openssl=affected,rhel-6.6.z/openssl=affected,rhel-6.7.z/openssl=affected,rhel-6/openssl098e=notaffected,rhel-7/openssl=affected,rhel-7/openssl098e=notaffected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=defer,jbcs-1/openssl=affected,eap-5/openssl=new,eap-6/openssl=affected,fedora-all/openssl=affected,epel-5/openssl101e=affected,fedora-all/mingw-openssl=affected,epel-7/mingw-openssl=affected |
Back to bug 1377600