Back to bug 1930102
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2021-02-18 11:19:45 UTC | Depends On | 1930103 | |
| Marian Rehak | 2021-02-18 11:20:01 UTC | Blocks | 1930104 | |
| Eric Christensen | 2021-02-19 15:14:31 UTC | Doc Text | The PostgreSQL adapter in Active Record suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input. | |
| Yadnyawalk Tale | 2021-02-22 09:52:17 UTC | Depends On | 1931366 | |
| Yadnyawalk Tale | 2021-02-22 11:43:30 UTC | Fixed In Version | rubygem-activerecord 6.1.2.1, rubygem-activerecord 6.0.3.5, rubygem-activerecord 5.2.4.5 | |
| Tomas Hoger | 2021-02-24 12:44:03 UTC | Depends On | 1932282 | |
| Yadnyawalk Tale | 2021-02-24 13:17:18 UTC | Depends On | 1932300, 1932301 | |
| Chess Hazlett | 2021-03-02 18:25:42 UTC | CC | amackenz, amasferr, chazlett, drieden, mkudlej, tjochec | |
| Red Hat Bugzilla | 2021-04-04 12:46:28 UTC | CC | obarenbo | |
| Red Hat Bugzilla | 2021-07-27 00:20:16 UTC | CC | jfrey | |
| Chess Hazlett | 2021-11-03 23:40:32 UTC | Blocks | 1997390 | |
| Tomer Brisker | 2021-12-14 09:23:51 UTC | CC | tbrisker | |
| Red Hat Bugzilla | 2022-07-18 09:51:23 UTC | CC | mmccune | |
| Red Hat Bugzilla | 2023-05-15 18:09:19 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-05-15 20:19:02 UTC | CC | btotty | |
| Red Hat Bugzilla | 2023-07-07 08:29:31 UTC | Assignee | security-response-team | nobody |
Back to bug 1930102