Back to bug 2045880
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2022-01-25 20:36:42 UTC | CC | security-response-team | |
| Pedro Sampaio | 2022-01-25 20:38:34 UTC | Blocks | 2045882 | |
| Florencio Cano | 2022-01-28 07:13:13 UTC | CC | crarobin, jmadigan, ngough, pamccart | |
| Florencio Cano | 2022-01-28 07:13:45 UTC | CC | jwong | |
| Florencio Cano | 2022-01-28 07:18:46 UTC | CC | rfreiman | |
| Florencio Cano | 2022-01-28 07:21:28 UTC | Depends On | 2047626, 2047628 | |
| Florencio Cano | 2022-01-31 08:47:08 UTC | CC | fcanogab, jbuscemi | |
| Borja Tarraso | 2022-02-08 07:45:44 UTC | Depends On | 2051848 | |
| Guilherme de Almeida Suckevicz | 2022-02-15 16:35:45 UTC | Group | security, qe_staff | |
| CC | aos-bugs | |||
| Summary | EMBARGOED CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter | CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter | ||
| Sage McTaggart | 2022-02-18 19:35:00 UTC | Depends On | 2056104 | |
| Red Hat Bugzilla | 2022-02-22 06:37:13 UTC | CC | jnakfour | |
| Sage McTaggart | 2022-03-18 18:15:17 UTC | Doc Text | A denial of service attack was found in prometheus/client_golang. An attacker can produce a denial of service attack on a server using Go, using InstrumentHandlerCounter in the version below 1.12, producing a loss of availability. | |
| RaTasha Tillery-Smith | 2022-03-21 13:26:53 UTC | Doc Text | A denial of service attack was found in prometheus/client_golang. An attacker can produce a denial of service attack on a server using Go, using InstrumentHandlerCounter in the version below 1.12, producing a loss of availability. | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on a server using Go, using the InstrumentHandlerCounter in the version below 1.12, resulting in a loss of availability. |
| Sage McTaggart | 2022-03-21 21:59:37 UTC | Depends On | 2066491, 2066492 | |
| Pedro Sampaio | 2022-03-23 13:56:50 UTC | Fixed In Version | prometheus/client_golang 1.11.1 | |
| Pedro Sampaio | 2022-03-23 14:29:50 UTC | CC | abenaiss, abishop, acui, adam.kaplan, admiller, agarcial, agerstmayr, alazar, alitke, amackenz, amasferr, amuller, amurdaca, anpicker, aos-apiserver-staff, aos-install, aos-network-edge-staff, aos-odin-bot, aos-storage-staff, aos-team-ota, arane, bbaude, bbennett, bcoca, bgilbert, bkundu, blaise, bradley.g.smith, carangog, carl, chazlett, chousekn, cmeyers, cnv-qe-bugs, container-sig, dagray, davidn, dcavalca, debarshir, dholler, dperaza, drieden, dustymabe, dwalsh, dwest, dwhatley, dymurray, ebakerupw, eglynn, erooth, etamir, ewolinet, fdeutsch, fpokorny, gblomqui, go-sig, grafana-maint, hchiramm, hhorak, ibolton, jakubr, jcajka, jcammara, jcantril, jchaloup, jchui, jerzhang, jesusr, jhadvig, jhardy, jhrozek, jitsingh, jjoyce, jkurik, jligon, jmatthew, jmencak, jmittapa, jmontleo, jnovy, jobarker, joelsmith, jortel, jrivera, jwendell, jwon, krathod, ktokunaga.mail, kwalker, lball, lgamliel, lhh, lhinds, lmadsen, lmeyer, lsm5, mabashia, madam, maszulik, matzew, mburns, mfilanov, mfojtik, mgarciac, mgoodwin, mheon, mkudlej, mrogers, mrunge, mskalicky, mthoemme, mwringe, nalin, nathans, nbecker, ngompa13, nobody, notting, obulatov, ocs-bugs, osapryki, oskutka, ovanders, patrick, pbhattac, pdhamdhe, pegoncal, pehunt, phoracek, pknezevi, pkubat, ploffay, pthomas, relrod, rh.container.bot, rhos-maint, rhuss, rpetrell, rphillips, rrajasek, ryncsn, sanchezl, santiago, sayan.chowdhury2012, scorneli, sd-operator-metering, sdoran, sejug, sgott, shardy, slaznick, slucidi, smcdonal, spandura, spasquie, spower, sseago, stirabos, sttts, suprs, surbania, team-winc, tflannag, thrcka, tjochec, tkral, tkuratom, tnielsen, tsweeney, umohnani, whayutin, xiyuan, xxia, yselkowi, zebob.m | |
| Pedro Sampaio | 2022-03-23 17:09:11 UTC | Comment | 0 | updated |
| Pedro Sampaio | 2022-03-23 17:13:49 UTC | Doc Text | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on a server using Go, using the InstrumentHandlerCounter in the version below 1.12, resulting in a loss of availability. | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on a HTTP server using the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. |
| Pedro Sampaio | 2022-03-23 17:15:04 UTC | Doc Text | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on a HTTP server using the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server using the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. |
| Anten Skrabec | 2022-03-23 20:04:21 UTC | Doc Text | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server using the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. | A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. |
| Anten Skrabec | 2022-03-23 20:26:03 UTC | Depends On | 2067364, 2067378, 2067356, 2067375, 2067347, 2067372, 2067351, 2067366, 2067346, 2067379, 2067350, 2067365, 2067383, 2067376, 2067385, 2067362, 2067353, 2067380, 2067360, 2067381, 2067348, 2067367, 2067369, 2067371, 2067374, 2067349, 2067373, 2067359, 2067363, 2067370, 2067358, 2067361, 2067352, 2067368, 2067355, 2067377, 2067382, 2067386, 2067357, 2067354 | |
| Anten Skrabec | 2022-03-23 20:35:42 UTC | Depends On | 2067410, 2067403, 2067413, 2067406, 2067404, 2067436, 2067445, 2067450, 2067401, 2067389, 2067424, 2067431, 2067416, 2067452, 2067433, 2067443, 2067415, 2067444, 2067453, 2067446, 2067439, 2067428, 2067402, 2067398, 2067451, 2067418, 2067449, 2067421, 2067425, 2067420, 2067440, 2067407, 2067397, 2067435, 2067437, 2067394, 2067390, 2067422, 2067426, 2067412, 2067393, 2067447, 2067432, 2067442, 2067441, 2067391, 2067405, 2067417, 2067454, 2067427, 2067409, 2067400, 2067411, 2067438, 2067419, 2067430, 2067434, 2067423, 2067414, 2067395, 2067448, 2067455, 2067399, 2067392, 2067429, 2067396 | |
| Anten Skrabec | 2022-03-23 20:37:37 UTC | Depends On | 2067457 | |
| Anten Skrabec | 2022-03-23 21:03:58 UTC | Depends On | 2067466, 2067477, 2067480, 2067479, 2067475, 2067469, 2067473, 2067472, 2067468, 2067474, 2067471, 2067467, 2067478, 2067476 | |
| Anten Skrabec | 2022-03-23 21:09:47 UTC | CC | alitke, dholler, fdeutsch, phoracek, sgott, stirabos | |
| Anten Skrabec | 2022-03-23 21:12:07 UTC | CC | alitke, dholler, fdeutsch, phoracek, sgott, stirabos | |
| Anten Skrabec | 2022-03-23 21:25:46 UTC | CC | alazar, ewolinet, joelsmith, lgamliel, lhinds, mfilanov | |
| Anten Skrabec | 2022-03-23 21:36:16 UTC | CC | alazar, ewolinet, joelsmith, lgamliel, lhinds, mfilanov | |
| Anten Skrabec | 2022-03-23 23:40:41 UTC | Depends On | 2067706 | |
| Anten Skrabec | 2022-03-24 03:59:40 UTC | Depends On | 2067761, 2067741, 2067734, 2067767, 2067737, 2067764, 2067762, 2067744, 2067769, 2067758, 2067733, 2067740, 2067763, 2067757, 2067738, 2067739, 2067731, 2067747, 2067750, 2067745, 2067754, 2067749, 2067760, 2067766, 2067765, 2067751, 2067736, 2067768, 2067743, 2067735, 2067746, 2067752, 2067759, 2067732, 2067748, 2067755, 2067742, 2067753, 2067756 | |
| Anten Skrabec | 2022-03-24 04:09:35 UTC | Depends On | 2067776, 2067794, 2067807, 2067786, 2067788, 2067799, 2067806, 2067793, 2067779, 2067787, 2067804, 2067814, 2067789, 2067798, 2067781, 2067813, 2067783, 2067812, 2067780, 2067802, 2067797, 2067792, 2067808, 2067790, 2067805, 2067791, 2067801, 2067775, 2067796, 2067800, 2067803, 2067795, 2067777, 2067785, 2067782, 2067778, 2067809, 2067784, 2067811, 2067810 | |
| Anten Skrabec | 2022-03-24 04:18:09 UTC | Depends On | 2067854, 2067846, 2067842, 2067856, 2067819, 2067845, 2067825, 2067833, 2067844, 2067831, 2067847, 2067839, 2067828, 2067827, 2067855, 2067823, 2067821, 2067834, 2067820, 2067824, 2067837, 2067817, 2067843, 2067848, 2067818, 2067829, 2067836, 2067840, 2067849, 2067832, 2067841, 2067822, 2067835, 2067826, 2067857, 2067830, 2067816, 2067850, 2067851, 2067852, 2067853, 2067838 | |
| Anten Skrabec | 2022-03-24 04:32:46 UTC | Depends On | 2067877, 2067894, 2067889, 2067878, 2067888, 2067873, 2067884, 2067879, 2067890, 2067869, 2067880, 2067863, 2067860, 2067899, 2067867, 2067892, 2067871, 2067883, 2067859, 2067891, 2067882, 2067872, 2067893, 2067868, 2067896, 2067874, 2067864, 2067861, 2067887, 2067875, 2067865, 2067881, 2067886, 2067898, 2067876, 2067866, 2067870, 2067895, 2067862, 2067885 | |
| Anten Skrabec | 2022-03-24 05:00:13 UTC | Depends On | 2067915, 2067914, 2067907, 2067908, 2067905, 2067904, 2067909, 2067916, 2067912, 2067902, 2067913, 2067906, 2067901, 2067911, 2067917, 2067903, 2067910 | |
| Yaakov Selkowitz | 2022-03-24 05:06:09 UTC | CC | yselkowi | |
| Anten Skrabec | 2022-03-24 05:21:25 UTC | Depends On | 2067928, 2067930, 2067934, 2067923, 2067933, 2067944, 2067927, 2067922, 2067924, 2067926, 2067937, 2067921, 2067939, 2067941, 2067932, 2067935, 2067929, 2067919, 2067938, 2067936, 2067931, 2067942, 2067925, 2067943, 2067920, 2067940 | |
| Mauro Matteo Cascella | 2022-03-24 14:45:03 UTC | Depends On | 2068158, 2068152, 2068164, 2068162, 2068165, 2068160, 2068155, 2068166, 2068163, 2068154, 2068156, 2068161, 2068157, 2068150, 2068167, 2068169, 2068168, 2068151, 2068153, 2068159 | |
| Mauro Matteo Cascella | 2022-03-24 15:04:35 UTC | Comment | 0 | updated |
| Przemyslaw Roguski | 2022-03-24 17:47:33 UTC | Depends On | 2068230 | |
| Przemyslaw Roguski | 2022-03-24 17:50:30 UTC | Depends On | 2068232 | |
| Przemyslaw Roguski | 2022-03-24 17:55:10 UTC | Depends On | 2066491 | |
| Przemyslaw Roguski | 2022-03-24 17:56:07 UTC | Depends On | 2066492 | |
| Pierre Prinetti | 2022-04-04 07:12:54 UTC | Depends On | 2071538 | |
| Tomas Hoger | 2022-04-06 11:58:49 UTC | Depends On | 2070587 | |
| Tomas Hoger | 2022-04-06 11:58:55 UTC | Depends On | 2070589 | |
| Tomas Hoger | 2022-04-06 11:59:02 UTC | Depends On | 2070590 | |
| Tomas Hoger | 2022-04-06 11:59:07 UTC | Depends On | 2070592 | |
| Tomas Hoger | 2022-04-06 11:59:12 UTC | Depends On | 2070593 | |
| Anten Skrabec | 2022-04-07 19:48:27 UTC | Depends On | 2073167 | |
| errata-xmlrpc | 2022-04-20 22:57:38 UTC | Link ID | Red Hat Product Errata RHSA-2022:1461 | |
| errata-xmlrpc | 2022-04-21 13:15:54 UTC | Link ID | Red Hat Product Errata RHSA-2022:1356 | |
| Product Security DevOps Team | 2022-04-21 16:09:55 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2022-04-21 16:09:55 UTC | |||
| Jeff Fearn 🐞 | 2022-05-03 00:25:59 UTC | CC | aos-apiserver-staff | |
| Brenton Leanhardt | 2022-05-06 12:34:05 UTC | CC | aos-team-ota | |
| Brenton Leanhardt | 2022-05-06 12:34:46 UTC | CC | aos-team-ota | |
| errata-xmlrpc | 2022-05-10 13:18:07 UTC | Link ID | Red Hat Product Errata RHSA-2022:1762 | |
| errata-xmlrpc | 2022-05-11 01:09:26 UTC | Link ID | Red Hat Product Errata RHBA-2022:2176 | |
| Thomas Jungblut | 2022-05-11 11:09:13 UTC | Depends On | 2077498 | |
| errata-xmlrpc | 2022-05-11 18:50:47 UTC | Link ID | Red Hat Product Errata RHSA-2022:2216 | |
| errata-xmlrpc | 2022-05-11 19:52:22 UTC | CC | tflannag | |
| Link ID | Red Hat Product Errata RHSA-2022:2218 | |||
| errata-xmlrpc | 2022-05-11 20:33:44 UTC | Link ID | Red Hat Product Errata RHSA-2022:2217 | |
| Benjamin Gilbert | 2022-05-13 18:03:55 UTC | CC | bgilbert | |
| errata-xmlrpc | 2022-05-18 15:55:20 UTC | Link ID | Red Hat Product Errata RHSA-2022:4667 | |
| errata-xmlrpc | 2022-05-18 20:26:54 UTC | Link ID | Red Hat Product Errata RHSA-2022:4668 | |
| errata-xmlrpc | 2022-05-31 05:42:15 UTC | Link ID | Red Hat Product Errata RHSA-2022:2280 | |
| errata-xmlrpc | 2022-06-14 17:42:28 UTC | Link ID | Red Hat Product Errata RHSA-2022:5026 | |
| Tomas Hoger | 2022-06-15 20:16:03 UTC | Depends On | 2070597 | |
| Tomas Hoger | 2022-06-15 20:16:25 UTC | Depends On | 2070598 | |
| Tomas Hoger | 2022-06-15 20:20:02 UTC | Depends On | 2070599 | |
| Christoph Stäbler | 2022-07-18 07:50:25 UTC | Depends On | 2107983 | |
| Petr Horáček | 2022-08-01 10:48:12 UTC | CC | phoracek | |
| errata-xmlrpc | 2022-08-10 10:08:34 UTC | Link ID | Red Hat Product Errata RHSA-2022:5068 | |
| errata-xmlrpc | 2022-08-10 10:23:20 UTC | Link ID | Red Hat Product Errata RHSA-2022:5070 | |
| errata-xmlrpc | 2022-08-10 10:34:19 UTC | Link ID | Red Hat Product Errata RHSA-2022:5069 | |
| errata-xmlrpc | 2022-08-10 11:36:36 UTC | Link ID | Red Hat Product Errata RHSA-2022:6042 | |
| errata-xmlrpc | 2022-08-10 13:14:54 UTC | Link ID | Red Hat Product Errata RHSA-2022:6040 | |
| errata-xmlrpc | 2022-08-15 09:17:33 UTC | Link ID | Red Hat Product Errata RHSA-2022:6061 | |
| errata-xmlrpc | 2022-08-15 09:46:14 UTC | Link ID | Red Hat Product Errata RHSA-2022:6066 | |
| errata-xmlrpc | 2022-08-18 16:04:41 UTC | Link ID | Red Hat Product Errata RHSA-2022:6051 | |
| Sam Fowler | 2022-08-18 23:18:38 UTC | Depends On | 2114962 | |
| Avinash Hanwate | 2022-08-23 13:13:23 UTC | CC | tohughes | |
| Depends On | 2120648, 2120647 | |||
| errata-xmlrpc | 2022-08-24 13:46:18 UTC | Link ID | Red Hat Product Errata RHSA-2022:6156 | |
| errata-xmlrpc | 2022-09-01 01:24:41 UTC | Link ID | Red Hat Product Errata RHSA-2022:6290 | |
| errata-xmlrpc | 2022-09-13 02:09:58 UTC | Link ID | Red Hat Product Errata RHSA-2022:6430 | |
| Jan Kurik | 2022-09-13 05:41:27 UTC | CC | jkurik | |
| errata-xmlrpc | 2022-09-14 19:27:26 UTC | Link ID | Red Hat Product Errata RHSA-2022:6526 | |
| errata-xmlrpc | 2022-09-20 08:13:49 UTC | Link ID | Red Hat Product Errata RHSA-2022:6537 | |
| errata-xmlrpc | 2022-10-31 10:58:51 UTC | Link ID | Red Hat Product Errata RHSA-2022:7261 | |
| Przemyslaw Roguski | 2022-11-04 09:54:35 UTC | Depends On | 2067892 | |
| errata-xmlrpc | 2022-11-08 09:25:32 UTC | Link ID | Red Hat Product Errata RHSA-2022:7519 | |
| errata-xmlrpc | 2022-11-08 09:28:01 UTC | Link ID | Red Hat Product Errata RHSA-2022:7529 | |
| errata-xmlrpc | 2022-11-15 10:05:54 UTC | Link ID | Red Hat Product Errata RHSA-2022:8057 | |
| errata-xmlrpc | 2023-01-17 19:37:00 UTC | Link ID | Red Hat Product Errata RHSA-2022:7399 | |
| errata-xmlrpc | 2023-01-30 05:48:23 UTC | Link ID | Red Hat Product Errata RHSA-2022:9096 | |
| errata-xmlrpc | 2023-02-07 06:18:44 UTC | Link ID | Red Hat Product Errata RHSA-2023:0566 | |
| Yadnyawalk Tale | 2023-02-09 10:41:50 UTC | CC | ytale | |
| errata-xmlrpc | 2023-02-15 05:11:24 UTC | Link ID | Red Hat Product Errata RHSA-2023:0652 | |
| errata-xmlrpc | 2023-03-14 11:26:06 UTC | Link ID | Red Hat Product Errata RHSA-2023:1158 | |
| Yadnyawalk Tale | 2023-03-17 06:53:07 UTC | Depends On | 2168547 | |
| Joel Smith | 2023-03-24 15:05:35 UTC | CC | joelsmith | |
| errata-xmlrpc | 2023-05-02 01:53:14 UTC | Link ID | Red Hat Product Errata RHSA-2023:2014 | |
| errata-xmlrpc | 2023-05-17 22:31:04 UTC | Link ID | Red Hat Product Errata RHSA-2023:1326 | |
| Chess Hazlett | 2023-07-17 18:59:23 UTC | CC | ataylor, jross, rkieley |
Back to bug 2045880