Back to bug 2209494
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2023-05-24 03:46:14 UTC | CC | nodejs-maint, zsvetlik | |
| Sandipan Roy | 2023-05-24 03:54:46 UTC | Blocks | 2209110 | |
| Sandipan Roy | 2023-05-24 04:06:18 UTC | Severity | medium | low |
| Priority | medium | low | ||
| Sandipan Roy | 2023-05-24 04:23:20 UTC | Depends On | 2209542, 2209540, 2209547, 2209546, 2209543, 2209545, 2209539, 2209541, 2209544 | |
| Sandipan Roy | 2023-05-24 04:25:09 UTC | Depends On | 2209560, 2209563, 2209566, 2209564, 2209565, 2209562 | |
| RHEL Program Management Team | 2023-05-30 11:05:10 UTC | Depends On | 2211050 | |
| RHEL Program Management Team | 2023-05-30 11:05:17 UTC | Depends On | 2211051 | |
| RHEL Program Management Team | 2023-05-30 11:05:23 UTC | Depends On | 2211052 | |
| RHEL Program Management Team | 2023-05-30 11:05:43 UTC | Depends On | 2211053 | |
| RHEL Program Management Team | 2023-05-30 11:06:00 UTC | Depends On | 2211054 | |
| RHEL Program Management Team | 2023-06-05 14:45:16 UTC | Depends On | 2212438 | |
| RHEL Program Management Team | 2023-06-05 14:45:22 UTC | Depends On | 2212439 | |
| Guilherme de Almeida Suckevicz | 2023-06-13 16:35:39 UTC | CC | hhorak, jorton | |
| Guilherme de Almeida Suckevicz | 2023-06-13 16:39:28 UTC | Depends On | 2214631 | |
| errata-xmlrpc | 2023-06-14 07:27:20 UTC | Link ID | Red Hat Product Errata RHSA-2023:3577 | |
| errata-xmlrpc | 2023-06-14 08:39:11 UTC | Link ID | Red Hat Product Errata RHSA-2023:3586 | |
| errata-xmlrpc | 2023-06-14 18:03:10 UTC | Link ID | Red Hat Product Errata RHBA-2023:3603 | |
| errata-xmlrpc | 2023-06-19 00:24:48 UTC | Link ID | Red Hat Product Errata RHBA-2023:3657 | |
| errata-xmlrpc | 2023-06-19 13:27:36 UTC | Link ID | Red Hat Product Errata RHBA-2023:3666 | |
| Sandipan Roy | 2023-06-20 04:58:57 UTC | Doc Text | A vulnerbility was found in c-ares. This security vulnerability succours when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. | |
| Sandipan Roy | 2023-06-20 05:01:03 UTC | Doc Text | A vulnerbility was found in c-ares. This security vulnerability succours when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. | A vulnerability was found in c-ares. This security vulnerability succours when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. |
| Paige Jung | 2023-06-20 13:21:03 UTC | Doc Text | A vulnerability was found in c-ares. This security vulnerability succours when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. | A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand(), which could allow an attacker to utilize the lack of entropy by not using a CSPRNG. |
| Red Hat Bugzilla | 2023-07-07 08:35:02 UTC | Assignee | security-response-team | nobody |
| errata-xmlrpc | 2023-07-12 08:12:35 UTC | Link ID | Red Hat Product Errata RHSA-2023:4036 | |
| errata-xmlrpc | 2023-07-12 08:24:18 UTC | Link ID | Red Hat Product Errata RHSA-2023:4039 | |
| errata-xmlrpc | 2023-07-12 08:25:21 UTC | Link ID | Red Hat Product Errata RHSA-2023:4035 | |
| errata-xmlrpc | 2023-07-12 08:25:30 UTC | Link ID | Red Hat Product Errata RHSA-2023:4034 | |
| errata-xmlrpc | 2023-07-12 08:26:13 UTC | Link ID | Red Hat Product Errata RHSA-2023:4033 | |
| errata-xmlrpc | 2023-07-13 01:00:18 UTC | Link ID | Red Hat Product Errata RHBA-2023:4045 | |
| errata-xmlrpc | 2023-07-13 01:06:13 UTC | Link ID | Red Hat Product Errata RHBA-2023:4046 | |
| errata-xmlrpc | 2023-07-13 11:35:25 UTC | Link ID | Red Hat Product Errata RHBA-2023:4077 | |
| errata-xmlrpc | 2023-07-13 11:42:12 UTC | Link ID | Red Hat Product Errata RHBA-2023:4078 | |
| errata-xmlrpc | 2023-07-17 06:51:25 UTC | Link ID | Red Hat Product Errata RHBA-2023:4098 |
Back to bug 2209494