Back to bug 2196027
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Anten Skrabec | 2023-05-08 09:23:26 UTC | Summary | CVE-2023-24540 html/template: improper handling of JavaScript whitespace | CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace |
| Anten Skrabec | 2023-05-08 09:29:13 UTC | CC | abishop, alitke, amasferr, amctagga, ansmith, aoconnor, asm, aveerama, bbaude, bbuckingham, bcourt, bdettelb, bniver, bodavis, chazlett, cmarinea, cwelton, davidn, dbenoit, dcadzow, debarshir, desktop-qa-list, dholler, dkenigsb, dperaza, dshah, dsimansk, dwalsh, dymurray, eglynn, ehelms, ellin, emachado, epacific, fdeutsch, fjansen, flucifre, gmeno, gparvin, grafana-maint, ibolton, jcammara, jcantril, jchui, jhardy, jjoyce, jkoehler, jkurik, jligon, jmatthew, jmontleo, jneedle, jnovy, jobarker, joelsmith, jshaughn, jsherril, jwendell, lball, lhh, lsm5, lzap, mabashia, matzew, mbenjamin, mboddu, mburns, mcressma, mgarciac, mhackett, mheon, mhulan, mkudlej, mnewsome, mokumar, mrajanna, muagarwa, mwringe, myarboro, nathans, nbecker, nboldt, njean, nmoumoul, nobody, ocs-bugs, orabin, oramraz, osapryki, osbuilders, owatkins, pahickey, pakotvan, pcreech, pehunt, periklis, phoracek, pjindal, pthomas, rcernich, rchan, rgarg, rhcos-sst, rhos-maint, rhuss, rjohnson, rrajasek, saroy, scorneli, scox, sgott, shbose, simaishi, sipoyare, skontopo, slucidi, smcdonal, smullick, sostapov, spower, sseago, stcannon, stirabos, teagle, tjochec, tkral, tnielsen, tstellar, tsweeney, twalsh, ubhargav, umohnani, vereddy, whayutin, yguenane, ypadia, zsadeh | |
| Vipul Nair | 2023-05-08 09:51:54 UTC | CC | adudiak, kshier, tfister | |
| RaTasha Tillery-Smith | 2023-05-08 12:54:29 UTC | Doc Text | Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. | A flaw was found in golang, where not all valid JavaScript whitespace characters were considered whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. |
| Anten Skrabec | 2023-05-09 15:32:09 UTC | Depends On | 2196629, 2196630 | |
| Anten Skrabec | 2023-05-09 15:34:28 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Anten Skrabec | 2023-05-09 15:42:52 UTC | Doc Text | A flaw was found in golang, where not all valid JavaScript whitespace characters were considered whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. | A flaw was found in golang, where not all valid JavaScript white space characters were considered white space. Templates containing white space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. |
| Anten Skrabec | 2023-05-11 08:32:20 UTC | CC | amasferr, ansmith, aveerama, bbaude, chazlett, cmarinea, debarshir, desktop-qa-list, dperaza, dshah, dsimansk, dwalsh, ellin, fjansen, grafana-maint, jchui, jkurik, jligon, jnovy, lball, lsm5, matzew, mboddu, mcressma, mheon, mkudlej, mokumar, nathans, nboldt, nobody, osbuilders, pakotvan, pehunt, pjindal, pthomas, rgarg, rhcos-sst, rhuss, rrajasek, saroy, scorneli, scox, shbose, skontopo, tjochec, tkral, tsweeney, ubhargav, umohnani | |
| Anten Skrabec | 2023-05-11 08:32:42 UTC | CC | ansmith, aveerama, bbaude, chazlett, debarshir, desktop-qa-list, dwalsh, ellin, grafana-maint, jkurik, jligon, jnovy, lsm5, mboddu, mcressma, mheon, mokumar, nathans, osbuilders, pehunt, pjindal, pthomas, rgarg, rhcos-sst, saroy, scorneli, scox, shbose, tsweeney, ubhargav, umohnani | |
| Anten Skrabec | 2023-05-11 08:33:00 UTC | CC | amasferr, dsimansk, lball, matzew, mkudlej, nboldt, rhuss, rrajasek, skontopo, tjochec | |
| Anten Skrabec | 2023-05-11 08:35:58 UTC | CC | abishop, alitke, amasferr, amctagga, ansmith, aoconnor, asm, aveerama, bbaude, bbuckingham, bcourt, bdettelb, bniver, bodavis, chazlett, cwelton, davidn, dbenoit, dcadzow, debarshir, desktop-qa-list, dholler, dkenigsb, dsimansk, dwalsh, dymurray, eglynn, ehelms, ellin, emachado, epacific, fdeutsch, flucifre, gmeno, gparvin, grafana-maint, ibolton, jcammara, jcantril, jhardy, jjoyce, jkoehler, jkurik, jligon, jmatthew, jmontleo, jneedle, jnovy, jobarker, joelsmith, jshaughn, jsherril, jwendell, lball, lhh, lsm5, lzap, mabashia, matzew, mbenjamin, mboddu, mburns, mcressma, mgarciac, mhackett, mheon, mhulan, mkudlej, mnewsome, mokumar, mrajanna, muagarwa, mwringe, myarboro, nathans, nbecker, nboldt, njean, nmoumoul, ocs-bugs, orabin, oramraz, osapryki, osbuilders, owatkins, pahickey, pcreech, pehunt, periklis, phoracek, pjindal, pthomas, rcernich, rchan, rgarg, rhcos-sst, rhuss, rjohnson, rrajasek, saroy, scorneli, scox, sgott, shbose, simaishi, sipoyare, skontopo, slucidi, smcdonal, smullick, sostapov, spower, sseago, stirabos, teagle, tjochec, tnielsen, tstellar, tsweeney, twalsh, ubhargav, umohnani, vereddy, whayutin, ypadia, zsadeh | |
| Anten Skrabec | 2023-05-11 08:37:14 UTC | CC | adudiak, dfreiber, jburrell, kshier, rogbas, stcannon, tfister, vkumar, yguenane | amctagga, aoconnor, asm, bniver, bodavis, dbenoit, emachado, flucifre, gmeno, mbenjamin, mhackett, mnewsome, sipoyare, sostapov, tstellar, vereddy |
| Anten Skrabec | 2023-05-11 08:37:25 UTC | CC | abishop, ansmith, aveerama, bbaude, bbuckingham, bcourt, chazlett, cwelton, davidn, dcadzow, debarshir, desktop-qa-list, dkenigsb, dwalsh, eglynn, ehelms, ellin, epacific, fdeutsch, grafana-maint, jcammara, jhardy, jjoyce, jkurik, jligon, jneedle, jnovy, jobarker, joelsmith, jsherril, lhh, lsm5, lzap, mabashia, mboddu, mburns, mcressma, mgarciac, mheon, mhulan, mokumar, myarboro, nathans, nbecker, nmoumoul, ocs-bugs, orabin, oramraz, osapryki, osbuilders, pcreech, pehunt, pjindal, pthomas, rchan, rgarg, rhcos-sst, saroy, scorneli, scox, sgott, shbose, simaishi, smcdonal, smullick, spower, teagle, tsweeney, ubhargav, umohnani, yguenane, zsadeh | |
| Anten Skrabec | 2023-05-11 08:37:40 UTC | CC | amasferr, bdettelb, dsimansk, dymurray, gparvin, ibolton, jcantril, jkoehler, jmatthew, jmontleo, lball, matzew, mkudlej, mrajanna, mwringe, nboldt, njean, owatkins, pahickey, periklis, rhuss, rjohnson, rrajasek, skontopo, slucidi, sseago, stcannon, tjochec, whayutin | |
| Anten Skrabec | 2023-05-11 08:38:04 UTC | CC | jwendell, rcernich, twalsh | |
| Anten Skrabec | 2023-05-11 08:40:45 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Anten Skrabec | 2023-05-11 09:28:18 UTC | Depends On | 2203130, 2203113, 2203112, 2203110, 2203121, 2203128, 2203111, 2203117, 2203122, 2203123, 2203119, 2203102, 2203108, 2203104, 2203114, 2203107, 2203101, 2203103, 2203105, 2203129, 2203126, 2203127, 2203109, 2203118, 2203120, 2203106, 2203116 | |
| Doug Hellmann | 2023-05-11 12:38:41 UTC | CC | dhellmann | |
| Doc Type | --- | If docs needed, set a value | ||
| Doug Hellmann | 2023-05-11 12:43:39 UTC | Flags | needinfo?(askrabec) | |
| RaTasha Tillery-Smith | 2023-05-11 12:55:10 UTC | Doc Text | A flaw was found in golang, where not all valid JavaScript white space characters were considered white space. Templates containing white space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. | A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution. |
| Anten Skrabec | 2023-05-11 15:11:36 UTC | Flags | needinfo?(askrabec) | |
| TEJ RATHI | 2023-05-11 16:36:00 UTC | Depends On | 2203261, 2203260 | |
| TEJ RATHI | 2023-05-15 15:59:04 UTC | Depends On | 2204474, 2204476, 2204477, 2204475, 2204472, 2204471, 2204473 | |
| Red Hat Bugzilla | 2023-05-15 18:03:38 UTC | CC | rrajasek | |
| Red Hat Bugzilla | 2023-05-15 18:50:35 UTC | CC | dcadzow | |
| TEJ RATHI | 2023-05-16 07:36:56 UTC | Depends On | 2207503, 2207502, 2207505, 2207515, 2207510, 2207509, 2207512, 2207514, 2207511, 2207506, 2207508, 2207504, 2207507, 2207513 | |
| TEJ RATHI | 2023-05-16 07:46:11 UTC | Depends On | 2207519, 2207522, 2207518, 2207521, 2207523, 2207520 | |
| TEJ RATHI | 2023-05-16 07:50:08 UTC | Depends On | 2207526, 2207525 | |
| Red Hat Bugzilla | 2023-05-16 09:27:27 UTC | CC | mokumar | |
| Marco Benatto | 2023-05-16 21:00:31 UTC | CC | dperaza, dshah, jchui, tkral | |
| David Benoit | 2023-05-19 11:48:15 UTC | Depends On | 2208521 | |
| David Benoit | 2023-05-19 12:01:26 UTC | Depends On | 2208523 | |
| David Benoit | 2023-05-19 12:07:02 UTC | Depends On | 2208525 | |
| David Benoit | 2023-05-19 13:12:56 UTC | Depends On | 2208539 | |
| David Benoit | 2023-05-19 13:30:00 UTC | Depends On | 2208549 | |
| David Benoit | 2023-05-22 13:30:25 UTC | Depends On | 2209068 | |
| errata-xmlrpc | 2023-05-25 07:53:54 UTC | Link ID | Red Hat Product Errata RHSA-2023:3318 | |
| errata-xmlrpc | 2023-05-25 08:01:31 UTC | Link ID | Red Hat Product Errata RHSA-2023:3319 | |
| errata-xmlrpc | 2023-05-25 12:26:23 UTC | Link ID | Red Hat Product Errata RHSA-2023:3323 | |
| errata-xmlrpc | 2023-05-29 01:09:23 UTC | Link ID | Red Hat Product Errata RHBA-2023:3338 | |
| Anten Skrabec | 2023-05-29 17:26:38 UTC | CC | adudiak, kshier, tfister | |
| errata-xmlrpc | 2023-05-31 11:17:05 UTC | Link ID | Red Hat Product Errata RHSA-2023:3379 | |
| errata-xmlrpc | 2023-05-31 19:38:19 UTC | Link ID | Red Hat Product Errata RHSA-2023:3415 | |
| Red Hat Bugzilla | 2023-05-31 23:37:30 UTC | CC | mrajanna | |
| errata-xmlrpc | 2023-06-05 09:29:16 UTC | Link ID | Red Hat Product Errata RHSA-2023:3435 | |
| errata-xmlrpc | 2023-06-05 14:08:27 UTC | Link ID | Red Hat Product Errata RHSA-2023:3445 | |
| errata-xmlrpc | 2023-06-06 15:17:48 UTC | Link ID | Red Hat Product Errata RHBA-2023:3492 | |
| errata-xmlrpc | 2023-06-07 01:51:03 UTC | Link ID | Red Hat Product Errata RHSA-2023:3367 | |
| errata-xmlrpc | 2023-06-07 02:02:31 UTC | Link ID | Red Hat Product Errata RHSA-2023:3366 | |
| errata-xmlrpc | 2023-06-07 20:59:47 UTC | Link ID | Red Hat Product Errata RHSA-2023:3410 | |
| errata-xmlrpc | 2023-06-07 21:17:17 UTC | Link ID | Red Hat Product Errata RHSA-2023:3409 | |
| errata-xmlrpc | 2023-06-08 20:33:54 UTC | Link ID | Red Hat Product Errata RHBA-2023:3554 | |
| errata-xmlrpc | 2023-06-14 04:21:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:3545 | |
| Red Hat Bugzilla | 2023-06-14 21:29:44 UTC | CC | mcressma | |
| errata-xmlrpc | 2023-06-15 09:48:19 UTC | Link ID | Red Hat Product Errata RHSA-2023:3624 | |
| errata-xmlrpc | 2023-06-15 20:55:56 UTC | Link ID | Red Hat Product Errata RHSA-2023:3644 | |
| errata-xmlrpc | 2023-06-23 04:39:59 UTC | Link ID | Red Hat Product Errata RHSA-2023:3612 | |
| errata-xmlrpc | 2023-06-28 15:43:01 UTC | Link ID | Red Hat Product Errata RHSA-2023:3905 | |
| errata-xmlrpc | 2023-06-29 00:59:27 UTC | Link ID | Red Hat Product Errata RHSA-2023:3918 | |
| Joel Smith | 2023-06-29 21:45:52 UTC | CC | joelsmith | |
| errata-xmlrpc | 2023-07-06 02:22:48 UTC | Link ID | Red Hat Product Errata RHSA-2023:3915 | |
| errata-xmlrpc | 2023-07-06 02:33:04 UTC | Link ID | Red Hat Product Errata RHSA-2023:3911 | |
| errata-xmlrpc | 2023-07-06 02:44:37 UTC | Link ID | Red Hat Product Errata RHSA-2023:3914 | |
| errata-xmlrpc | 2023-07-06 02:57:49 UTC | Link ID | Red Hat Product Errata RHSA-2023:3910 | |
| Red Hat Bugzilla | 2023-07-07 08:27:42 UTC | Assignee | security-response-team | nobody |
| Carlos O'Donell | 2023-07-09 12:57:33 UTC | CC | mnewsome | |
| Debarshi Ray | 2023-07-10 15:37:11 UTC | Flags | needinfo?(askrabec) | |
| Anten Skrabec | 2023-07-10 16:59:08 UTC | Flags | needinfo?(askrabec) | needinfo?(trathi) |
| CC | trathi | |||
| TEJ RATHI | 2023-07-11 04:07:36 UTC | Flags | needinfo?(trathi) | |
| CC | nmontero | |||
| TEJ RATHI | 2023-07-11 04:09:11 UTC | Depends On | 2221850 | |
| Debarshi Ray | 2023-07-11 18:58:58 UTC | Flags | needinfo?(trathi) | |
| TEJ RATHI | 2023-07-12 05:01:52 UTC | Flags | needinfo?(trathi) | |
| Chess Hazlett | 2023-07-17 18:58:33 UTC | CC | ataylor, jross, rkieley | |
| errata-xmlrpc | 2023-07-27 00:53:34 UTC | Link ID | Red Hat Product Errata RHSA-2023:4289 | |
| errata-xmlrpc | 2023-08-01 14:36:01 UTC | Link ID | Red Hat Product Errata RHSA-2023:4420 | |
| errata-xmlrpc | 2023-08-01 14:51:37 UTC | Link ID | Red Hat Product Errata RHSA-2023:4421 | |
| Red Hat Bugzilla | 2023-08-03 08:27:53 UTC | CC | ocs-bugs | |
| errata-xmlrpc | 2023-08-03 14:12:37 UTC | Link ID | Red Hat Product Errata RHSA-2023:4470 | |
| errata-xmlrpc | 2023-08-03 23:22:30 UTC | Link ID | Red Hat Product Errata RHBA-2023:4485 | |
| errata-xmlrpc | 2023-08-08 00:36:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:4335 | |
| errata-xmlrpc | 2023-08-14 01:02:59 UTC | Link ID | Red Hat Product Errata RHSA-2023:4627 | |
| errata-xmlrpc | 2023-08-16 14:09:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:4664 |
Back to bug 2196027