Back to bug 2040846
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2022-01-14 19:35:00 UTC | Depends On | 2040848, 2040849, 2040851, 2040847, 2040850 | |
| Guilherme de Almeida Suckevicz | 2022-01-14 19:48:22 UTC | Blocks | 2040868 | |
| Sam Fowler | 2022-01-18 03:29:18 UTC | CC | bmontgom, eparis, jokerman, nstielau, sponnaga | |
| Cedric Buissart | 2022-01-20 12:55:42 UTC | Depends On | 2042980, 2042983, 2042978, 2042979, 2042981, 2042977 | |
| Cedric Buissart | 2022-01-21 16:35:29 UTC | Fixed In Version | node 12.22.9, node 14.18.3, node 16.13.2, node 17.3.1 | |
| Cedric Buissart | 2022-01-21 17:16:04 UTC | Doc Text | It was found that node.js did not safely read the x509 certificate generalFormat properly, resulting in injected data. A certificate could use a specially crafted Subject Alternative Names entry to be successfully validated, permitting an attacker to impersonate a trusted host. | |
| Cedric Buissart | 2022-01-21 17:17:46 UTC | Doc Text | It was found that node.js did not safely read the x509 certificate generalFormat properly, resulting in injected data. A certificate could use a specially crafted Subject Alternative Names entry to be successfully validated, permitting an attacker to impersonate a trusted host. | It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in injected data. A certificate could use a specially crafted Subject Alternative Names entry to be successfully validated, permitting an attacker to impersonate a trusted host. |
| Cedric Buissart | 2022-01-21 17:19:26 UTC | Doc Text | It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in injected data. A certificate could use a specially crafted Subject Alternative Names entry to be successfully validated, permitting an attacker to impersonate a trusted host. | It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host. |
| Cedric Buissart | 2022-01-24 09:10:45 UTC | Comment | 0 | updated |
| Florencio Cano | 2022-01-26 16:20:29 UTC | CC | rfreiman | |
| Florencio Cano | 2022-01-26 16:24:38 UTC | Depends On | 2046354 | |
| Daniel Erez | 2022-02-07 16:28:52 UTC | Depends On | 2046369 | |
| Sage McTaggart | 2022-02-08 22:48:27 UTC | CC | amctagga | |
| Sage McTaggart | 2022-02-08 23:04:55 UTC | Depends On | 2052252 | |
| Red Hat Bugzilla | 2022-02-22 06:37:26 UTC | CC | jnakfour | |
| Red Hat Bugzilla | 2022-05-09 08:30:21 UTC | CC | aos-bugs | |
| Tomas Hoger | 2022-05-19 08:19:05 UTC | Depends On | 2086804 | |
| Tomas Hoger | 2022-05-19 08:19:09 UTC | Depends On | 2086805 | |
| Tomas Hoger | 2022-05-19 08:19:12 UTC | Depends On | 2086806 | |
| Tomas Hoger | 2022-05-19 08:19:16 UTC | Depends On | 2086807 | |
| Tomas Hoger | 2022-05-19 08:20:12 UTC | Depends On | 2087167 | |
| errata-xmlrpc | 2022-06-06 09:27:14 UTC | Link ID | Red Hat Product Errata RHSA-2022:4914 | |
| Product Security DevOps Team | 2022-06-06 12:47:54 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2022-06-06 12:47:54 UTC | |||
| Jan Staněk | 2022-10-06 13:47:25 UTC | Depends On | 2132707, 2132708 | |
| errata-xmlrpc | 2022-10-19 10:09:56 UTC | Link ID | Red Hat Product Errata RHSA-2022:7044 | |
| errata-xmlrpc | 2022-11-08 11:33:17 UTC | Link ID | Red Hat Product Errata RHSA-2022:7830 | |
| RHEL Program Management Team | 2022-12-02 13:59:12 UTC | Depends On | 2150316 | |
| RHEL Program Management Team | 2022-12-02 13:59:18 UTC | Depends On | 2150317 | |
| errata-xmlrpc | 2022-12-15 16:16:38 UTC | Link ID | Red Hat Product Errata RHSA-2022:9073 | |
| errata-xmlrpc | 2023-04-12 14:58:14 UTC | Link ID | Red Hat Product Errata RHSA-2023:1742 | |
| errata-xmlrpc | 2023-06-22 19:51:38 UTC | Link ID | Red Hat Product Errata RHSA-2023:3742 |
Back to bug 2040846