Back to bug 1389193
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Siddharth Sharma | 2016-10-27 07:35:50 UTC | Blocks | 1389198 | |
| Siddharth Sharma | 2016-10-27 07:37:43 UTC | Depends On | 1389199 | |
| Garth Mollett | 2016-10-27 22:48:20 UTC | CC | gmollett | |
| Whiteboard | impact=moderate,public=20161020,reported=20161020,source=redhat,cvss2=6.3/AV:N/AC:M/Au:S/C:N/I:N/A:C,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=cwe-476,ceph-1.3/ceph=affected,ceph-2/ceph=affected,openstack-5/Ceph=new,openstack-6/Ceph=new,openstack-foreman/Ceph=new | impact=moderate,public=20161020,reported=20161020,source=redhat,cvss2=6.3/AV:N/AC:M/Au:S/C:N/I:N/A:C,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=cwe-476,ceph-1.3/ceph=affected,ceph-2/ceph=affected,openstack-5/Ceph=notaffected,openstack-6/Ceph=notaffected,openstack-foreman/Ceph=notaffected | ||
| Andrej Nemec | 2016-10-31 08:29:28 UTC | Whiteboard | impact=moderate,public=20161020,reported=20161020,source=redhat,cvss2=6.3/AV:N/AC:M/Au:S/C:N/I:N/A:C,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=cwe-476,ceph-1.3/ceph=affected,ceph-2/ceph=affected,openstack-5/Ceph=notaffected,openstack-6/Ceph=notaffected,openstack-foreman/Ceph=notaffected | impact=moderate,public=20161020,reported=20161020,source=redhat,cvss2=6.3/AV:N/AC:M/Au:S/C:N/I:N/A:C,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-476,ceph-1.3/ceph=affected,ceph-2/ceph=affected,openstack-5/Ceph=notaffected,openstack-6/Ceph=notaffected,openstack-foreman/Ceph=notaffected |
| Siddharth Sharma | 2016-11-02 13:28:07 UTC | Summary | CVE-2016-8626 Ceph: RGW Denial of Service by sending POST object with null conditions | CVE-2016-8626 Ceph: RGW Denial of Service by sending post object with null conditions |
| shilpa | 2016-11-09 11:58:30 UTC | CC | smanjara | |
| Casey Bodley | 2016-11-15 19:48:58 UTC | Blocks | 1394936 | |
| CC | cbodley | |||
| Siddharth Sharma | 2016-11-16 04:35:15 UTC | Doc Text | A flaw was found in ceph rados gateway in the way it handles post request.An authenticated attacker could launch a Denial of Service attack by sending null or specially crafted post request. | |
| Siddharth Sharma | 2016-11-16 04:48:39 UTC | Doc Text | A flaw was found in ceph rados gateway in the way it handles post request.An authenticated attacker could launch a Denial of Service attack by sending null or specially crafted post request. | A flaw was found in the way ceph rados gateway handles post request.An authenticated attacker could launch a Denial of Service attack by sending null or specially crafted post request. |
| Eric Christensen | 2016-11-16 14:18:03 UTC | Doc Text | A flaw was found in the way ceph rados gateway handles post request.An authenticated attacker could launch a Denial of Service attack by sending null or specially crafted post request. | A flaw was found in the way ceph RADOS gateway handles post request. An authenticated attacker could launch a Denial-of-Service attack by sending null or specially crafted post request. |
| Eric Christensen | 2016-11-16 14:36:45 UTC | Doc Text | A flaw was found in the way ceph RADOS gateway handles post request. An authenticated attacker could launch a Denial-of-Service attack by sending null or specially crafted post request. | A flaw was found in the way ceph RADOS gateway handles post request. An authenticated attacker could launch a denial of service attack by sending null or specially crafted post request. |
| Siddharth Sharma | 2016-11-21 23:07:07 UTC | Status | NEW | POST |
| CC | tserlin | |||
| Status | POST | MODIFIED | ||
| Fixed In Version | RHEL: ceph-0.94.9-7.el7cp Ubuntu: ceph_0.94.9-8redhat1 | |||
| Status | MODIFIED | ON_QA | ||
| Doc Text | A flaw was found in the way ceph RADOS gateway handles post request. An authenticated attacker could launch a denial of service attack by sending null or specially crafted post request. | A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests. | ||
| Siddharth Sharma | 2016-11-21 23:08:24 UTC | Status | ON_QA | NEW |
| Siddharth Sharma | 2016-11-22 08:24:39 UTC | Summary | CVE-2016-8626 Ceph: RGW Denial of Service by sending post object with null conditions | CVE-2016-8626 Ceph: RGW Denial of Service by sending null or specially crafted POST object requests |
| Siddharth Sharma | 2016-11-22 19:49:58 UTC | Blocks | 1387332 | |
| Ramakrishnan Periyasamy | 2016-11-28 11:53:25 UTC | Status | NEW | VERIFIED |
| CC | rperiyas | |||
| Ramakrishnan Periyasamy | 2016-11-29 06:03:33 UTC | Status | VERIFIED | NEW |
| Siddharth Sharma | 2016-12-01 22:38:59 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-01 17:38:59 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:58:49 UTC | Whiteboard | impact=moderate,public=20161020,reported=20161020,source=redhat,cvss2=6.3/AV:N/AC:M/Au:S/C:N/I:N/A:C,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-476,ceph-1.3/ceph=affected,ceph-2/ceph=affected,openstack-5/Ceph=notaffected,openstack-6/Ceph=notaffected,openstack-foreman/Ceph=notaffected |
Back to bug 1389193