Back to bug 1399566
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-11-29 10:19:14 UTC | CC | security-response-team | |
| Adam Mariš | 2016-11-29 10:20:08 UTC | Blocks | 1399568 | |
| Adam Mariš | 2016-11-29 10:20:27 UTC | Depends On | 1399161 | |
| Doran Moppert | 2016-12-08 04:51:45 UTC | Whiteboard | impact=moderate,public=no,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,rhel-6/spice-server=new,rhel-7/spice=new,fedora-all/spice=affected | impact=moderate,public=no,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new |
| Doran Moppert | 2016-12-08 04:51:53 UTC | CC | bmcclain, eedri, fdeutsch, gklein, lsurette, mgoldboi, michal.skrivanek, pstehlik, sherold, srevivo, ycui, ydary, ykaul | |
| Doran Moppert | 2016-12-08 05:01:22 UTC | Doc Text | A vulnerability was discovered in spice, in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. | |
| Eric Christensen | 2016-12-08 05:12:00 UTC | Doc Text | A vulnerability was discovered in spice, in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. | A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. |
| Doran Moppert | 2016-12-09 01:00:07 UTC | Depends On | 1403046 | |
| Doran Moppert | 2016-12-09 01:00:19 UTC | Depends On | 1403047 | |
| Doran Moppert | 2016-12-09 01:01:34 UTC | Depends On | 1403048 | |
| Doran Moppert | 2016-12-09 01:01:44 UTC | Depends On | 1403049 | |
| Martin Prpič | 2016-12-09 06:51:20 UTC | Alias | CVE-2016-9578 | |
| Martin Prpič | 2016-12-09 06:51:26 UTC | Summary | EMBARGOED spice: Remote DoS via crafted message | EMBARGOED CVE-2016-9578 spice: Remote DoS via crafted message |
| Christophe Fergeau | 2016-12-09 17:44:56 UTC | CC | fziglio | |
| Doran Moppert | 2016-12-13 03:51:10 UTC | CC | dmoppert | |
| Frediano Ziglio | 2017-01-16 14:49:01 UTC | Flags | needinfo?(security-response-team) | |
| Clifford Perry | 2017-01-16 16:03:25 UTC | CC | cperry | |
| Flags | needinfo?(security-response-team) | needinfo?(dmoppert) | ||
| Doran Moppert | 2017-01-17 04:54:41 UTC | Flags | needinfo?(dmoppert) | |
| Doran Moppert | 2017-01-31 05:28:20 UTC | Whiteboard | impact=moderate,public=no,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new |
| Flags | needinfo?(cfergeau) | |||
| Christophe Fergeau | 2017-01-31 09:54:02 UTC | Flags | needinfo?(cfergeau) | |
| Doran Moppert | 2017-02-01 00:25:02 UTC | CC | dougsland | |
| Whiteboard | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new | ||
| Douglas Schilling Landgraf | 2017-02-01 00:46:04 UTC | CC | rbarry, sbonazzo | |
| Kurt Seifried | 2017-02-03 16:34:15 UTC | Whiteboard | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new,rhev-m-4/distribution=affected |
| Kurt Seifried | 2017-02-03 16:35:02 UTC | Whiteboard | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=new,rhev-m-4/distribution=affected | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=affected,rhev-m-4/distribution=affected |
| Kurt Seifried | 2017-02-03 16:35:44 UTC | Depends On | 1419134 | |
| Doran Moppert | 2017-02-06 04:00:11 UTC | Group | security, qe_staff | |
| CC | alexl, alon, hdegoede, jforbes, marcandre.lureau, Rhev-m-bugs, rh-spice-bugs, sandmann, uril, virt-maint | |||
| Summary | EMBARGOED CVE-2016-9578 spice: Remote DoS via crafted message | CVE-2016-9578 spice: Remote DoS via crafted message | ||
| Kurt Seifried | 2017-02-06 20:48:02 UTC | Blocks | 1419717 | |
| Eric Christensen | 2017-03-14 21:57:27 UTC | CC | sparks | |
| Doc Text | A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. | A vulnerability was discovered in SPICE in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. | ||
| Frediano Ziglio | 2017-03-15 07:49:04 UTC | CC | fziglio | |
| Scott Herold | 2017-09-12 15:34:23 UTC | CC | sherold | |
| Eric Christensen | 2018-02-02 19:42:32 UTC | CC | sparks | |
| PnT Account Manager | 2018-07-18 15:07:23 UTC | CC | rbalakri | |
| Andrej Nemec | 2018-07-27 13:18:55 UTC | Fixed In Version | spice 0.13.90 | |
| PnT Account Manager | 2018-11-05 22:49:37 UTC | CC | ylavi | |
| Doran Moppert | 2019-01-04 06:19:33 UTC | CC | dfediuck, sherold | |
| Whiteboard | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhel-7/rhev-hypervisor=new,rhev-m-3/rhev-hypervisor=affected,rhev-m-4/distribution=affected | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhev-m-4/rhev-hypervisor=affected,rhev-m-3/rhev-hypervisor=affected,rhev-m-4/distribution=affected | ||
| Gil Klein | 2019-04-14 12:33:05 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-06-08 03:02:43 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 03:02:43 UTC | |||
| Product Security DevOps Team | 2019-09-29 14:00:54 UTC | Whiteboard | impact=moderate,public=20170206,reported=20161128,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20->CWE-770,rhel-6/spice-server=affected,rhel-7/spice=affected,fedora-all/spice=affected,rhev-m-4/rhev-hypervisor=affected,rhev-m-3/rhev-hypervisor=affected,rhev-m-4/distribution=affected |
Back to bug 1399566