Back to bug 2134291
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Patrick Del Bello | 2022-10-13 06:13:28 UTC | CC | aileenc, alazarot, anstephe, asoldano, ataylor, avibelli, balejosg, bbaranow, bbuckingham, bcourt, bgeorges, bmaxwell, brian.stansberry, btotty, cdewolf, chazlett, clement.escoffier, dandread, darran.lofthouse, dkreling, dosoudil, ehelms, emingora, eric.wittmann, etirelli, fjuma, fmongiar, gjospin, gmalinko, gmorling, gsmet, hamadhan, ibek, iweiss, janstey, jcantril, jnethert, jochrist, jpavlik, jpechane, jpoth, jrokos, jross, jscholz, jsherril, jstastny, jwon, krathod, kverlaen, lgao, lthon, lzap, mhulan, mmccune, mmclaugh, mnovotny, mokumar, mosmerov, msochure, msvehla, myarboro, nmoumoul, nwallace, orabin, pantinor, pcreech, pdelbell, peholase, periklis, pgallagh, pjindal, pmackay, probinso, rchan, rguimara, rkieley, rrajasek, rruss, rstancel, rsvoboda, sbiarozk, sdouglas, smaestri, tcunning, tom.jenkinson, yfang | |
| Patrick Del Bello | 2022-10-13 06:25:36 UTC | Depends On | 2134303, 2134304 | |
| Red Hat Bugzilla | 2022-10-28 13:12:55 UTC | CC | krathod | |
| Red Hat Bugzilla | 2022-10-31 23:25:35 UTC | CC | gmorling | |
| Red Hat Bugzilla | 2022-11-14 23:22:55 UTC | CC | jstastny | |
| Patrick Del Bello | 2022-11-18 17:35:39 UTC | Doc Text | A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. | A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users making use of the DTD parsing functionality. |
| Fixed In Version | woodstox-core 6.4.0, woodstox-core 5.4.0 | |||
| Summary | CVE-2022-40152 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks | CVE-2022-40152 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks | ||
| Patrick Del Bello | 2022-11-18 17:37:10 UTC | CC | alazarot, asoldano, ataylor, bbaranow, bmaxwell, brian.stansberry, cdewolf, darran.lofthouse, dosoudil, emingora, eric.wittmann, etirelli, fjuma, gjospin, ibek, iweiss, jpechane, jrokos, jross, jscholz, kverlaen, lgao, mizdebsk, mmclaugh, mnovotny, mokumar, mosmerov, msochure, msvehla, nwallace, pmackay, rguimara, rkieley, rrajasek, rstancel, smaestri, tom.jenkinson | |
| Patrick Del Bello | 2022-11-18 17:37:19 UTC | CC | abenaiss, aboyko, alazarot, asoldano, ataylor, bbaranow, bmaxwell, boliveir, brian.stansberry, cdewolf, darran.lofthouse, dosoudil, eglynn, emingora, eric.wittmann, etirelli, fjuma, gjospin, gmorling, ibek, iweiss, jjoyce, jolee, jpechane, jrokos, jross, jschatte, jscholz, jstastny, kverlaen, lgao, lhh, lpeer, max.andersen, mburns, mgarciac, mizdebsk, mkolesni, mmclaugh, mnovotny, mokumar, mosmerov, msochure, msvehla, nwallace, pdrozd, pmackay, pskopek, rguimara, rkieley, rrajasek, rstancel, scohen, smaestri, spower, sthorger, tkral, tom.jenkinson | |
| Patrick Del Bello | 2022-11-18 17:41:03 UTC | CC | ataylor, clement.escoffier, dandread, gsmet, hamadhan, jpoth, jross, jscholz, max.andersen, mmclaugh, mokumar, probinso, rkieley, rsvoboda, sbiarozk, sdouglas, tcunning, yfang | |
| Patrick Del Bello | 2022-11-18 17:42:26 UTC | CC | ataylor, clement.escoffier, dandread, gsmet, hamadhan, jpoth, jross, max.andersen, mokumar, probinso, rkieley, rsvoboda, sbiarozk, sdouglas, tcunning, yfang | |
| Red Hat Bugzilla | 2022-12-31 23:43:23 UTC | CC | aboyko | |
| Tomáš Král | 2023-01-10 15:10:09 UTC | CC | tkral | |
| Avinash Hanwate | 2023-01-19 05:17:04 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Avinash Hanwate | 2023-01-19 05:18:08 UTC | Depends On | 2162205 | |
| errata-xmlrpc | 2023-01-26 09:42:35 UTC | Link ID | Red Hat Product Errata RHSA-2023:0469 | |
| errata-xmlrpc | 2023-01-31 13:10:58 UTC | Link ID | Red Hat Product Errata RHSA-2023:0553 | |
| errata-xmlrpc | 2023-01-31 13:14:55 UTC | Link ID | Red Hat Product Errata RHSA-2023:0552 | |
| errata-xmlrpc | 2023-01-31 13:18:32 UTC | Link ID | Red Hat Product Errata RHSA-2023:0554 | |
| errata-xmlrpc | 2023-01-31 13:19:45 UTC | Link ID | Red Hat Product Errata RHSA-2023:0556 | |
| Product Security DevOps Team | 2023-02-02 05:25:58 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-02-02 05:25:58 UTC | |||
| errata-xmlrpc | 2023-05-03 14:06:03 UTC | Link ID | Red Hat Product Errata RHSA-2023:2100 | |
| errata-xmlrpc | 2023-05-24 17:10:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:3299 | |
| errata-xmlrpc | 2023-06-15 15:24:09 UTC | Link ID | Red Hat Product Errata RHSA-2023:3641 | |
| errata-xmlrpc | 2023-06-27 11:29:04 UTC | Link ID | Red Hat Product Errata RHSA-2023:3815 |
Back to bug 2134291