Back to bug 2057272
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2022-02-23 06:34:56 UTC | Blocks | 2050760 | |
| Anten Skrabec | 2022-03-21 21:23:16 UTC | Doc Text | Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). | |
| RaTasha Tillery-Smith | 2022-03-22 18:18:48 UTC | Doc Text | Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). | A flaw was found in envoy. This issue occurs when it does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server and only to those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). |
| RaTasha Tillery-Smith | 2022-03-22 18:19:01 UTC | Doc Text | A flaw was found in envoy. This issue occurs when it does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server and only to those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). | A flaw was found in envoy. This issue occurs when it does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, and only to those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). |
| Red Hat Bugzilla | 2023-02-03 23:11:31 UTC | CC | ovanders | |
| Sam Fowler | 2023-02-27 00:12:55 UTC | CC | jwendell, ovanders | |
| Red Hat Bugzilla | 2023-07-07 08:34:43 UTC | Assignee | security-response-team | nobody |
Back to bug 2057272