Back to bug 1811712
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2020-03-09 15:27:57 UTC | CC | security-response-team | |
| Marian Rehak | 2020-03-09 15:45:05 UTC | Blocks | 1811724 | |
| Hardik Vyas | 2020-03-11 13:08:40 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Hardik Vyas | 2020-03-11 14:12:49 UTC | Doc Text | A nonce reuse vulnerability was discovered in secure mode of messenger v2 protocol, which allows an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. | |
| Hardik Vyas | 2020-03-12 05:59:47 UTC | Summary | EMBARGOED ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions | EMBARGOED CVE-2020-1759 ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions |
| Alias | CVE-2020-1759 | |||
| Depends On | 1812762, 1812763 | |||
| Summer Long | 2020-03-12 06:28:11 UTC | Depends On | 1812773 | |
| Hardik Vyas | 2020-03-12 06:46:27 UTC | CC | anharris, idryomov, nojha, rzarzyns, sweil | |
| RaTasha Tillery-Smith | 2020-03-16 17:49:23 UTC | Doc Text | A nonce reuse vulnerability was discovered in secure mode of messenger v2 protocol, which allows an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. | A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. |
| Hardik Vyas | 2020-04-07 06:41:49 UTC | Deadline | 2020-04-06 | |
| Hardik Vyas | 2020-04-07 06:56:35 UTC | Group | security, qe_staff | |
| CC | adeza, danmick, david, fedora, i, josef, kkeithle, loic, ocs-bugs, ramkrsna, steve | |||
| Deadline | 2020-04-06 | |||
| Summary | EMBARGOED CVE-2020-1759 ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions | CVE-2020-1759 ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions | ||
| Hardik Vyas | 2020-04-07 06:57:04 UTC | Depends On | 1821586 | |
| Hardik Vyas | 2020-04-13 09:34:19 UTC | Fixed In Version | ceph 15.2.1 | |
| Hardik Vyas | 2020-04-15 13:56:10 UTC | Fixed In Version | ceph 15.2.1 | ceph 15.2.1, ceph 14.2.9 |
| PnT Account Manager | 2020-07-10 21:41:29 UTC | CC | kbasil | |
| PnT Account Manager | 2020-08-28 21:28:59 UTC | CC | srangach | |
| Red Hat Bugzilla | 2021-02-16 02:43:03 UTC | CC | adeza | |
| Kaleb KEITHLEY | 2021-03-19 17:36:53 UTC | CC | kkeithle | |
| Red Hat Bugzilla | 2021-06-22 00:27:33 UTC | CC | dbecker | |
| Red Hat Bugzilla | 2021-12-09 06:35:50 UTC | CC | sweil | |
| Red Hat Bugzilla | 2022-12-31 23:29:00 UTC | CC | branto | |
| Red Hat Bugzilla | 2022-12-31 23:39:42 UTC | CC | idryomov | |
| Red Hat Bugzilla | 2022-12-31 23:43:46 UTC | CC | rzarzyns | |
| Red Hat Bugzilla | 2023-01-01 06:02:27 UTC | CC | bniver | |
| Red Hat Bugzilla | 2023-01-01 08:38:41 UTC | CC | nojha | |
| Red Hat Bugzilla | 2023-01-01 08:44:08 UTC | CC | sostapov | |
| Alasdair Kergon | 2023-01-04 05:21:38 UTC | CC | nojha | |
| Alasdair Kergon | 2023-01-04 05:37:37 UTC | CC | rzarzyns | |
| Alasdair Kergon | 2023-01-04 05:43:50 UTC | CC | sostapov | |
| Alasdair Kergon | 2023-01-04 06:11:25 UTC | CC | bniver | |
| Alasdair Kergon | 2023-01-04 06:46:24 UTC | CC | idryomov | |
| Red Hat Bugzilla | 2023-01-31 23:38:55 UTC | CC | madam | |
| Red Hat Bugzilla | 2023-07-07 08:29:09 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team | |||
| Red Hat Bugzilla | 2023-08-03 08:29:02 UTC | CC | ocs-bugs |
Back to bug 1811712