Back to bug 1385714
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Hoger | 2016-10-17 14:49:08 UTC | CC | security-response-team | |
| Tomas Hoger | 2016-10-17 14:49:13 UTC | Blocks | 1381992 | |
| Tomas Hoger | 2016-10-18 11:41:24 UTC | Doc Text | A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. | |
| Tomas Hoger | 2016-10-18 20:10:15 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739) | CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739) | ||
| Tomas Hoger | 2016-10-18 20:59:22 UTC | Whiteboard | impact=moderate,public=20161018,reported=20161014,source=oracle,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected | impact=moderate,public=20161018,reported=20161014,source=oracle,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
| Norman Sardella | 2016-10-19 13:32:02 UTC | CC | sardella | |
| Tomas Hoger | 2016-10-31 20:57:36 UTC | Whiteboard | impact=moderate,public=20161018,reported=20161014,source=oracle,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected | impact=moderate,public=20161018,reported=20161014,source=oracle,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected |
| kat | 2016-10-31 22:16:20 UTC | CC | kbost | |
| Tomas Hoger | 2017-01-13 08:12:43 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-01-13 03:12:43 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:58:49 UTC | Whiteboard | impact=moderate,public=20161018,reported=20161014,source=oracle,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected,rhel-7/java-1.6.0-openjdk=affected,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-7/java-1.6.0-sun=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.7.0-ibm=affected,rhel-6/java-1.7.1-ibm=affected,rhel-7/java-1.7.1-ibm=affected,rhel-6/java-1.8.0-ibm=affected,rhel-7/java-1.8.0-ibm=affected |
Back to bug 1385714