Changes made to bug 1402869

Back to bug 1402869

Who	When	What	Removed	Added
Adam Mariš	2016-12-08 14:08:48 UTC	Depends On		1402870
Adam Mariš	2016-12-08 14:09:00 UTC	Depends On		1402871
Adam Mariš	2016-12-08 14:12:18 UTC	Blocks		1402874
Siddharth Sharma	2016-12-13 17:42:08 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=new,openstack-5-rhel6/nagios=new,openstack-5-rhel7/nagios=new,openstack-6/nagios=new,openstack-7/nagios=new,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=new,openstack-5-rhel7/nagios=new,openstack-6/nagios=new,openstack-7/nagios=new,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected
Tim Suter	2016-12-15 00:17:52 UTC	CC		tsuter
Tim Suter	2016-12-15 00:20:58 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=new,openstack-5-rhel7/nagios=new,openstack-6/nagios=new,openstack-7/nagios=new,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected
Tim Suter	2016-12-15 00:34:30 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected
Rejy M Cyriac	2016-12-15 17:00:53 UTC	CC		rcyriac
Jason Shepherd	2016-12-16 03:18:46 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=new,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected
Siddharth Sharma	2016-12-16 06:25:17 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected
Siddharth Sharma	2016-12-16 07:50:37 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=wontfix/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected
Siddharth Sharma	2016-12-21 12:56:53 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=wontfix/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected
Siddharth Sharma	2016-12-21 13:03:44 UTC	Depends On		1406780
Julien Thomas	2017-01-12 15:09:02 UTC	CC		dario.vieli
		CC	dario.vieli
		CC		julthomas
Tim Suter	2017-01-16 06:16:41 UTC	Depends On		1413483
Tim Suter	2017-01-16 06:18:24 UTC	Depends On		1413481
Tim Suter	2017-01-16 06:19:26 UTC	Depends On		1413482
Tim Suter	2017-01-16 06:20:21 UTC	Depends On		1413480
Nick Bebout	2017-01-20 21:28:40 UTC	CC	nb
Siddharth Sharma	2017-01-24 03:07:19 UTC	Blocks		1415899
Tim Suter	2017-01-30 02:00:09 UTC	Doc Text		It was found that an attacker who could control logging configuration of nagios could elevate their access to a privileged user
Tim Suter	2017-01-30 02:00:09 UTC	Doc Type	If docs needed, set a value	Bug Fix
Summer Long	2017-01-30 02:17:17 UTC	CC		slong
Summer Long	2017-01-30 02:17:17 UTC	Doc Text	It was found that an attacker who could control logging configuration of nagios could elevate their access to a privileged user	A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user.
Tim Suter	2017-01-30 03:48:10 UTC	Blocks		1417519
Tim Suter	2017-01-31 23:07:28 UTC	Status	NEW	CLOSED
		Resolution	---	ERRATA
		Last Closed		2017-01-31 18:07:28 UTC
Tim Suter	2017-01-31 23:17:53 UTC	Status	CLOSED	ASSIGNED
		Resolution	ERRATA	---
		Keywords		Reopened
Tim Suter	2017-01-31 23:18:39 UTC	Status	ASSIGNED	RELEASE_PENDING
Martin Prpič	2017-02-07 10:05:06 UTC	Doc Text	A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user.	A privilege escalation flaw was found in the way Nagios handled log files. An attacker able to control the Nagios logging configuration (the 'nagios' user/group) could use this flaw to elevate their privileges to root.
Siddharth Sharma	2017-02-08 04:12:23 UTC	Status	RELEASE_PENDING	NEW
Adam Young	2017-10-18 18:53:28 UTC	CC	ayoung
PnT Account Manager	2018-01-30 03:14:33 UTC	CC	coneill
PnT Account Manager	2018-01-31 00:09:06 UTC	CC	aortega
PnT Account Manager	2018-01-31 02:07:56 UTC	CC	tsuter
PnT Account Manager	2019-04-22 21:31:30 UTC	CC	tjay
PnT Account Manager	2019-05-31 14:22:09 UTC	CC	smohan
Product Security DevOps Team	2019-06-08 03:03:52 UTC	Status	NEW	CLOSED
		Resolution	---	ERRATA
		Last Closed	2017-01-31 23:07:28 UTC	2019-06-08 03:03:52 UTC
Product Security DevOps Team	2019-09-29 14:02:45 UTC	Whiteboard	impact=important,public=20161207,reported=20161207,source=internet,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,cvss3=7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-59,rhes-3.1/nagios=affected/impact=moderate,openstack-5-rhel6/nagios=wontfix,openstack-5-rhel7/nagios=wontfix,openstack-6/nagios=wontfix,openstack-7/nagios=wontfix,rhmap-4/nagios=affected/impact=moderate/cvss2=6.6/AV:L/AC:M/Au:S/C:C/I:C/A:C,fedora-all/nagios=affected,epel-all/nagios=affected,openstack-8/nagios=notaffected,openstack-9/nagios=notaffected,openstack-10/nagios=notaffected

Back to bug 1402869