Changes made to bug 2135435

Back to bug 2135435

Who	When	What	Removed	Added
Bishop Clark	2022-10-17 16:40:19 UTC	CC		bishop
Rodrigo A B Freire	2022-10-17 17:07:49 UTC	Comment	3	updated
Patrick Del Bello	2022-10-17 18:28:59 UTC	Doc Text		A flaw was found in Apache Commons Text package from 1.5 through 1.9. The versions affected allow an attacker to benefit from variable interpolation process contained in Apache Commons Text and cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and also unintentional contact to remote untrusted servers.
Chess Hazlett	2022-10-17 18:33:24 UTC	CC		aileenc, asoldano, ataylor, bbaranow, bmaxwell, brian.stansberry, cdewolf, darran.lofthouse, dosoudil, fjuma, gmalinko, iweiss, janstey, jpavlik, jross, jscholz, lgao, mmclaugh, mokumar, mosmerov, msochure, msvehla, nwallace, pdelbell, pmackay, rgodfrey, rkieley, rstancel, smaestri, tom.jenkinson
Chess Hazlett	2022-10-17 18:50:10 UTC	CC		alazarot, balejosg, cmoulliard, csutherl, emingora, eric.wittmann, etirelli, fmongiar, gjospin, gmorling, ibek, ikanello, jcantril, jclere, jnethert, jpechane, jpoth, jrokos, jstastny, kverlaen, mmadzin, mnovotny, pantinor, periklis, rguimara, rrajasek, szappis, tcunning, yfang
Paige Jung	2022-10-17 19:07:17 UTC	Doc Text	A flaw was found in Apache Commons Text package from 1.5 through 1.9. The versions affected allow an attacker to benefit from variable interpolation process contained in Apache Commons Text and cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and also unintentional contact to remote untrusted servers.	A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators.
Chess Hazlett	2022-10-17 20:45:57 UTC	Comment	4	updated
Chess Hazlett	2022-10-17 21:16:15 UTC	CC		kaycoth
Paige Jung	2022-10-17 21:41:02 UTC	Doc Text	A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators.	A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
Rodrigo A B Freire	2022-10-18 10:46:47 UTC	CC		rfreire
Rodrigo A B Freire	2022-10-18 11:48:18 UTC	CC	rfreire
Jeff Cantrill	2022-10-18 14:31:10 UTC	Flags		needinfo?(chazlett)
Chess Hazlett	2022-10-18 14:56:38 UTC	Flags	needinfo?(chazlett)
Chess Hazlett	2022-10-18 19:30:48 UTC	CC		bbuckingham, bcourt, btotty, ehelms, jsherril, lzap, mhulan, mmccune, myarboro, nmoumoul, orabin, pcreech, rchan
Chess Hazlett	2022-10-18 19:38:00 UTC	Depends On		2135924
Chess Hazlett	2022-10-18 19:47:57 UTC	CC		jburrell, tkral, vkumar
Chess Hazlett	2022-10-18 19:58:58 UTC	CC		abenaiss
Chess Hazlett	2022-10-18 19:59:53 UTC	Depends On		2135926
Sam Fowler	2022-10-18 23:58:16 UTC	CC		sfowler
Sam Fowler	2022-10-18 23:58:16 UTC	Flags		needinfo?(abenaiss)
Kazu Yoshida	2022-10-19 04:02:43 UTC	CC		kyoshida
ir. Jan Gerrit Kootstra	2022-10-20 17:49:49 UTC	CC		jangerrit.kootstra
Adrian Torres	2022-10-21 07:22:26 UTC	CC		atorresj
Adrian Torres	2022-10-21 07:23:08 UTC	CC	atorresj
Tomáš Král	2022-10-21 07:26:39 UTC	CC	tkral
Arne Gogala	2022-10-21 13:29:44 UTC	CC		jiri.blaha
		Flags		needinfo?(chazlett)
		CC		agogala
Rodrigo A B Freire	2022-10-24 18:07:47 UTC	CC		rfreire
Rodrigo A B Freire	2022-10-24 18:07:47 UTC	Flags	needinfo?(abenaiss) needinfo?(chazlett)
Rodrigo A B Freire	2022-10-24 18:08:40 UTC	CC	rfreire
Arne Gogala	2022-10-25 08:51:30 UTC	CC		rfreire
Arne Gogala	2022-10-25 08:51:30 UTC	Flags		needinfo?(rfreire)
Rainer Beyel	2022-10-25 13:58:55 UTC	CC		rbeyel
Rodrigo A B Freire	2022-10-25 22:51:25 UTC	CC	rfreire
Rodrigo A B Freire	2022-10-25 22:51:25 UTC	Flags	needinfo?(rfreire)
Rodrigo A B Freire	2022-10-26 13:48:26 UTC	Comment	30	updated
Rodrigo A B Freire	2022-10-26 13:54:30 UTC	CC		rfreire
Rodrigo A B Freire	2022-10-26 13:57:18 UTC	CC	rfreire
Patrick Del Bello	2022-10-26 19:54:38 UTC	CC		aboyko, boliveir, pdrozd, pskopek, sthorger
Chess Hazlett	2022-10-27 19:48:55 UTC	Resolution	---	ERRATA
		Status	NEW	CLOSED
		Last Closed		2022-10-27 19:48:55 UTC
Srikanth Balasubramanian	2022-11-01 11:22:11 UTC	CC		sbalasub
Ken Fowler	2022-11-01 12:55:35 UTC	CC		Ken.Fowler
Arne Gogala	2022-11-07 18:04:53 UTC	CC		boris.m
		Flags		needinfo?(rfreire)
		CC		rfreire
Rodrigo A B Freire	2022-11-08 14:42:01 UTC	Flags	needinfo?(rfreire)	needinfo?(proguski)
Rodrigo A B Freire	2022-11-08 14:42:01 UTC	CC		proguski
Przemyslaw Roguski	2022-11-08 17:37:46 UTC	Flags	needinfo?(proguski)
Rodrigo A B Freire	2022-11-18 19:23:30 UTC	CC		jnoh
Rodrigo A B Freire	2022-11-18 19:23:30 UTC	CC	rfreire
Ronit Dey	2022-11-23 14:33:42 UTC	Flags		needinfo?(sfowler)
Ronit Dey	2022-11-23 14:33:42 UTC	CC		rdey
Ronit Dey	2022-11-23 14:34:39 UTC	Status	CLOSED	NEW
		Resolution	ERRATA	---
		Keywords		Reopened
errata-xmlrpc	2022-11-28 14:40:24 UTC	Link ID		Red Hat Product Errata RHSA-2022:8652
Sam Fowler	2022-11-29 07:11:12 UTC	Flags	needinfo?(sfowler)
Amar Ganbat	2022-12-03 01:11:36 UTC	CC		juholmes
Amar Ganbat	2022-12-03 01:11:36 UTC	CC		aganbat
errata-xmlrpc	2022-12-07 08:20:13 UTC	Link ID		Red Hat Product Errata RHSA-2022:8876
errata-xmlrpc	2022-12-08 13:25:50 UTC	Link ID		Red Hat Product Errata RHSA-2022:8902
Product Security DevOps Team	2022-12-10 20:33:05 UTC	Status	NEW	CLOSED
		Resolution	---	ERRATA
		Last Closed	2022-10-27 19:48:55 UTC	2022-12-10 20:33:05 UTC
errata-xmlrpc	2022-12-14 13:15:27 UTC	CC	jiri.blaha
errata-xmlrpc	2022-12-14 13:15:27 UTC	Link ID		Red Hat Product Errata RHSA-2022:9023
Yadnyawalk Tale	2023-01-09 14:14:20 UTC	Depends On		2159406
Yadnyawalk Tale	2023-01-16 12:34:30 UTC	Depends On		2150122
errata-xmlrpc	2023-01-18 14:53:18 UTC	Link ID		Red Hat Product Errata RHSA-2023:0261
errata-xmlrpc	2023-01-26 09:42:57 UTC	Link ID		Red Hat Product Errata RHSA-2023:0469
errata-xmlrpc	2023-03-08 14:55:12 UTC	Link ID		Red Hat Product Errata RHSA-2023:1006
errata-xmlrpc	2023-04-05 23:27:35 UTC	Link ID		Red Hat Product Errata RHSA-2023:1524
jingjing niu	2023-04-12 08:42:13 UTC	Flags		needinfo?(chazlett)
jingjing niu	2023-04-12 08:42:13 UTC	CC		jniu
errata-xmlrpc	2023-04-12 11:58:55 UTC	Link ID		Red Hat Product Errata RHSA-2023:1655
Chess Hazlett	2023-04-12 16:08:43 UTC	Flags	needinfo?(chazlett)
errata-xmlrpc	2023-04-26 05:32:56 UTC	Link ID		Red Hat Product Errata RHSA-2023:1866
errata-xmlrpc	2023-05-03 13:20:03 UTC	Link ID		Red Hat Product Errata RHSA-2023:2097
errata-xmlrpc	2023-05-04 15:57:12 UTC	Link ID		Red Hat Product Errata RHSA-2023:2135
errata-xmlrpc	2023-05-17 16:19:34 UTC	Link ID		Red Hat Product Errata RHSA-2023:3195
errata-xmlrpc	2023-05-17 17:50:48 UTC	Link ID		Red Hat Product Errata RHSA-2023:3198
errata-xmlrpc	2023-05-24 17:10:56 UTC	Link ID		Red Hat Product Errata RHSA-2023:3299

Back to bug 2135435