Back to bug 1403003
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Matt Benjamin (redhat) | 2016-12-08 21:00:55 UTC | Blocks | 1403007 | |
| Ken Dreyer (Red Hat) | 2016-12-08 21:05:32 UTC | Keywords | Security | |
| CC | kdreyer | |||
| Matt Benjamin (redhat) | 2016-12-08 21:13:22 UTC | Status | NEW | POST |
| Ken Dreyer (Red Hat) | 2016-12-08 22:32:57 UTC | Status | POST | MODIFIED |
| Fixed In Version | RHEL: ceph-10.2.3-17.el7cp Ubuntu: ceph_10.2.3-18redhat1xenial | |||
| Ken Dreyer (Red Hat) | 2016-12-08 22:34:16 UTC | Target Release | 2.2 | 2.1 |
| Andrej Nemec | 2016-12-09 14:04:51 UTC | Blocks | 1403245 | |
| Ken Dreyer (Red Hat) | 2016-12-09 16:02:10 UTC | Blocks | 1403007 | |
| kiran raje urs J | 2016-12-09 17:15:54 UTC | CC | kurs | |
| errata-xmlrpc | 2016-12-09 17:34:37 UTC | Status | MODIFIED | ON_QA |
| kiran raje urs J | 2016-12-12 07:20:12 UTC | QA Contact | ceph-qe-bugs | smanjara |
| shilpa | 2016-12-13 10:00:31 UTC | Status | ON_QA | VERIFIED |
| Siddharth Sharma | 2016-12-13 13:23:30 UTC | CC | sisharma | |
| Flags | needinfo?(mbenjamin) | |||
| Siddharth Sharma | 2016-12-13 17:07:08 UTC | Summary | An authenticated user can provoke an abort() of the RGW server by sending a request with an invalid HTTP Origin header, against buckets with CORS AllowedOrigin rules. | An anonymous user can provoke an abort() of the RGW server by sending a request with an invalid HTTP Origin header, against buckets with CORS AllowedOrigin rules. |
| errata-xmlrpc | 2016-12-15 12:43:57 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2016-12-15 16:49:26 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-15 11:49:26 UTC | |||
| Drew Harris | 2017-07-30 15:55:30 UTC | Sub Component | RGW | |
| CC | kbader | |||
| Component | Ceph | RGW | ||
| Red Hat One Jira (issues.redhat.com) | 2022-07-09 08:54:38 UTC | Link ID | Red Hat Issue Tracker RHCEPH-4725 |
Back to bug 1403003