Back to bug 2040839
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2022-01-14 19:30:40 UTC | Depends On | 2040843, 2040845, 2040842, 2040844, 2040841 | |
| Guilherme de Almeida Suckevicz | 2022-01-14 19:48:22 UTC | Blocks | 2040868 | |
| Sam Fowler | 2022-01-18 03:29:03 UTC | CC | bmontgom, eparis, jokerman, nstielau, sponnaga | |
| Cedric Buissart | 2022-01-20 12:41:23 UTC | Depends On | 2042970, 2042969, 2042964, 2042967, 2042965, 2042968 | |
| Cedric Buissart | 2022-01-21 16:04:39 UTC | Fixed In Version | node 12.22.9, node 14.18.3, node 16.13.2, node 17.3.1 | |
| Cedric Buissart | 2022-01-21 16:33:56 UTC | Doc Text | It was found that node.js accepted a certificate's Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. An active person in the middle could use possibly this flaw to forge a certificate and impersonate a trusted server. | |
| Cedric Buissart | 2022-01-21 17:14:38 UTC | Doc Text | It was found that node.js accepted a certificate's Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. An active person in the middle could use possibly this flaw to forge a certificate and impersonate a trusted server. | It was found that node.js accepted a certificate's Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. An active person in the middle could use possibly this flaw to forge a certificate and impersonate a trusted host. |
| RaTasha Tillery-Smith | 2022-01-21 18:12:53 UTC | Doc Text | It was found that node.js accepted a certificate's Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. An active person in the middle could use possibly this flaw to forge a certificate and impersonate a trusted host. | A flaw was found in node.js where it accepted a certificate's Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host. |
| Cedric Buissart | 2022-01-24 09:09:27 UTC | Comment | 0 | updated |
| Florencio Cano | 2022-01-26 16:33:09 UTC | CC | rfreiman | |
| Florencio Cano | 2022-01-26 16:33:39 UTC | Depends On | 2046369 | |
| Sage McTaggart | 2022-02-08 22:49:23 UTC | CC | amctagga | |
| Sage McTaggart | 2022-02-08 23:04:55 UTC | Depends On | 2052252 | |
| Red Hat Bugzilla | 2022-02-22 06:37:20 UTC | CC | jnakfour | |
| Red Hat Bugzilla | 2022-05-09 08:30:12 UTC | CC | aos-bugs | |
| Tomas Hoger | 2022-05-19 08:18:51 UTC | Depends On | 2086799 | |
| Tomas Hoger | 2022-05-19 08:18:54 UTC | Depends On | 2086800 | |
| Tomas Hoger | 2022-05-19 08:18:58 UTC | Depends On | 2086801 | |
| Tomas Hoger | 2022-05-19 08:19:01 UTC | Depends On | 2086802 | |
| Tomas Hoger | 2022-05-19 08:20:08 UTC | Depends On | 2087166 | |
| errata-xmlrpc | 2022-06-06 09:27:05 UTC | Link ID | Red Hat Product Errata RHSA-2022:4914 | |
| Product Security DevOps Team | 2022-06-06 12:47:00 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2022-06-06 12:47:00 UTC | |||
| Jan Staněk | 2022-10-06 13:46:08 UTC | Depends On | 2132705, 2132706 | |
| errata-xmlrpc | 2022-10-19 10:11:00 UTC | Link ID | Red Hat Product Errata RHSA-2022:7044 | |
| errata-xmlrpc | 2022-11-08 11:33:15 UTC | Link ID | Red Hat Product Errata RHSA-2022:7830 | |
| RHEL Program Management Team | 2022-12-02 13:58:48 UTC | Depends On | 2150314 | |
| RHEL Program Management Team | 2022-12-02 13:58:54 UTC | Depends On | 2150315 | |
| errata-xmlrpc | 2022-12-15 16:16:37 UTC | Link ID | Red Hat Product Errata RHSA-2022:9073 | |
| errata-xmlrpc | 2023-04-12 14:58:10 UTC | Link ID | Red Hat Product Errata RHSA-2023:1742 | |
| errata-xmlrpc | 2023-06-22 19:51:38 UTC | Link ID | Red Hat Product Errata RHSA-2023:3742 |
Back to bug 2040839