Back to bug 2212085
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Nick Tait | 2023-06-03 18:14:25 UTC | CC | security-response-team | |
| Nick Tait | 2023-06-03 18:15:28 UTC | Blocks | 2212086 | |
| Nick Tait | 2023-06-03 18:22:11 UTC | CC | joelsmith | |
| Nick Tait | 2023-06-03 18:25:22 UTC | Alias | woodpecker | |
| Jeremy West | 2023-06-03 21:54:52 UTC | CC | jwest | |
| Hardik Vyas | 2023-06-05 12:00:43 UTC | Blocks | 2211655 | |
| CC | hvyas | |||
| Avinash Hanwate | 2023-06-05 13:02:15 UTC | Comment | 0 | updated |
| Avinash Hanwate | 2023-06-05 13:04:16 UTC | CC | ahanwate | |
| Avinash Hanwate | 2023-06-05 13:07:00 UTC | Group | team ocp_embargoes | |
| Avinash Hanwate | 2023-06-05 14:05:00 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Severity | urgent | high | ||
| Priority | urgent | high | ||
| Marian Rehak | 2023-06-05 14:15:45 UTC | CC | mrehak | |
| Anten Skrabec | 2023-06-05 15:34:08 UTC | Doc Text | A flaw was found in Red Hat OpenShift Container Platform where at compile time, golang CGO integration was disabled, preventing the integration of openssl and instead using golang's standard library. | |
| Paige Jung | 2023-06-05 15:46:35 UTC | Doc Text | A flaw was found in Red Hat OpenShift Container Platform where at compile time, golang CGO integration was disabled, preventing the integration of openssl and instead using golang's standard library. | A flaw was found in the Red Hat OpenShift Container Platform. At compile time, golang CGO integration was disabled, preventing the integration of openssl, using golang's standard library instead. |
| Paige Jung | 2023-06-05 15:47:05 UTC | Doc Text | A flaw was found in the Red Hat OpenShift Container Platform. At compile time, golang CGO integration was disabled, preventing the integration of openssl, using golang's standard library instead. | A flaw was found in the Red Hat OpenShift Container Platform. At compile time golang CGO integration was disabled, preventing the integration of openssl, using golang's standard library instead. |
| Nick Tait | 2023-06-06 19:57:07 UTC | Severity | high | medium |
| Priority | high | medium | ||
| Petr Matousek | 2023-06-08 09:03:56 UTC | CC | pmatouse | |
| Flags | needinfo?(ahanwate) | |||
| Nick Tait | 2023-06-08 16:31:15 UTC | Doc Text | A flaw was found in the Red Hat OpenShift Container Platform. At compile time golang CGO integration was disabled, preventing the integration of openssl, using golang's standard library instead. | A flaw was found in the Red Hat OpenShift Container Platform. A compile time flag was not consistently enforced across all containers, whereby OCP utilized openssl instead of Golang's standard library for cryptographic functions. |
| Nick Tait | 2023-06-08 16:52:07 UTC | Doc Text | A flaw was found in the Red Hat OpenShift Container Platform. A compile time flag was not consistently enforced across all containers, whereby OCP utilized openssl instead of Golang's standard library for cryptographic functions. | A flaw was found in the Red Hat OpenShift Container Platform. A compile time flag was not consistently enforced across all containers, which allowed OCP in some cases to use the cryptographic functions of Golang's standard library instead of the FIPS-validated OpenSSL package . |
| Nick Tait | 2023-06-08 21:13:16 UTC | Flags | needinfo?(ahanwate) | |
| Petr Matousek | 2023-06-09 07:38:20 UTC | Flags | needinfo?(ntait) | |
| Petr Matousek | 2023-06-12 08:58:00 UTC | Flags | needinfo?(ntait) | |
| Nick Tait | 2023-06-22 20:28:02 UTC | Deadline | 2023-06-29 | |
| Nick Tait | 2023-06-27 16:09:22 UTC | Deadline | 2023-06-29 | 2023-07-05 |
| Nick Tait | 2023-06-30 01:00:31 UTC | CC | amctagga, bdettelb, chazlett, dcadzow, dkenigsb, dsimansk, fdeutsch, gparvin, jcantril, jross, jscholz, jwendell, lball, matzew, njean, oramraz, owatkins, pahickey, periklis, rcernich, rhuss, skontopo, smullick, stcannon, swoodman, teagle, twalsh | |
| Nick Tait | 2023-06-30 23:28:09 UTC | CC | jcantril, periklis | |
| Nick Tait | 2023-07-01 17:08:51 UTC | Summary | EMBARGOED CVE-2023-3089 openshift: OCP does not use FIPS-certified cryptography | EMBARGOED CVE-2023-3089 openshift: OCP & FIPS mode |
| Nick Tait | 2023-07-01 23:28:00 UTC | Doc Text | A flaw was found in the Red Hat OpenShift Container Platform. A compile time flag was not consistently enforced across all containers, which allowed OCP in some cases to use the cryptographic functions of Golang's standard library instead of the FIPS-validated OpenSSL package . | A compliance problem was found in Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. |
| RaTasha Tillery-Smith | 2023-07-03 17:01:09 UTC | Doc Text | A compliance problem was found in Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. |
| Red Hat Bugzilla | 2023-07-03 17:01:09 UTC | CC | security-response-team | |
| Sandipan Roy | 2023-07-05 12:00:31 UTC | CC | chfoley | |
| Group | security, team ocp_embargoes, qe_staff | |||
| Fixed In Version | openshift-4.12.0 | |||
| Deadline | 2023-07-05 | |||
| Summary | EMBARGOED CVE-2023-3089 openshift: OCP & FIPS mode | CVE-2023-3089 openshift: OCP & FIPS mode | ||
| errata-xmlrpc | 2023-07-06 02:22:46 UTC | Link ID | Red Hat Product Errata RHSA-2023:3915 | |
| errata-xmlrpc | 2023-07-06 02:33:00 UTC | Link ID | Red Hat Product Errata RHSA-2023:3911 | |
| errata-xmlrpc | 2023-07-06 02:44:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:3914 | |
| errata-xmlrpc | 2023-07-06 02:57:47 UTC | Link ID | Red Hat Product Errata RHSA-2023:3910 | |
| W. Trevor King | 2023-07-06 04:07:03 UTC | CC | wking | |
| errata-xmlrpc | 2023-07-06 14:02:24 UTC | Link ID | Red Hat Product Errata RHSA-2023:3925 | |
| errata-xmlrpc | 2023-07-06 14:10:23 UTC | Link ID | Red Hat Product Errata RHSA-2023:3924 | |
| Red Hat Bugzilla | 2023-07-07 08:28:19 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team | |||
| Nick Tait | 2023-07-12 15:08:07 UTC | CC | mpatel | |
| Product Security DevOps Team | 2023-07-14 21:55:17 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-07-14 21:55:17 UTC | |||
| Nick Tait | 2023-07-15 22:48:21 UTC | CC | scorneli | |
| Nick Tait | 2023-07-15 22:51:43 UTC | CC | nboldt | |
| errata-xmlrpc | 2023-07-17 16:29:47 UTC | Link ID | Red Hat Product Errata RHSA-2023:4112 | |
| errata-xmlrpc | 2023-07-17 16:29:53 UTC | Link ID | Red Hat Product Errata RHSA-2023:4113 | |
| errata-xmlrpc | 2023-07-17 16:30:01 UTC | Link ID | Red Hat Product Errata RHSA-2023:4114 | |
| errata-xmlrpc | 2023-07-18 23:11:29 UTC | Link ID | Red Hat Product Errata RHSA-2023:4204 | |
| Avinash Hanwate | 2023-07-20 13:32:02 UTC | Depends On | 2224269 | |
| Avinash Hanwate | 2023-07-20 13:33:58 UTC | Depends On | 2224268 | |
| Avinash Hanwate | 2023-07-20 13:35:09 UTC | Depends On | 2224246 | |
| Nick Tait | 2023-07-20 15:29:49 UTC | CC | chazlett, chfoley, jscholz, swoodman | |
| errata-xmlrpc | 2023-07-20 16:12:46 UTC | Link ID | Red Hat Product Errata RHSA-2023:4238 | |
| errata-xmlrpc | 2023-07-20 16:16:35 UTC | Link ID | Red Hat Product Errata RHSA-2023:4241 | |
| errata-xmlrpc | 2023-07-20 17:29:07 UTC | Link ID | Red Hat Product Errata RHSA-2023:4093 | |
| Nick Tait | 2023-07-25 16:03:17 UTC | Flags | needinfo?(fdeutsch) | |
| errata-xmlrpc | 2023-07-25 18:31:35 UTC | Link ID | Red Hat Product Errata RHSA-2023:4276 | |
| Avinash Hanwate | 2023-07-26 13:25:33 UTC | Depends On | 2226772, 2226771, 2226773 | |
| errata-xmlrpc | 2023-07-26 16:57:59 UTC | Link ID | Red Hat Product Errata RHSA-2023:4287 | |
| errata-xmlrpc | 2023-07-26 17:12:12 UTC | Link ID | Red Hat Product Errata RHSA-2023:4286 | |
| errata-xmlrpc | 2023-07-27 00:59:34 UTC | Link ID | Red Hat Product Errata RHSA-2023:4290 | |
| Chess Hazlett | 2023-07-27 18:03:38 UTC | Depends On | 2224244 | |
| errata-xmlrpc | 2023-08-01 14:51:34 UTC | Link ID | Red Hat Product Errata RHSA-2023:4421 | |
| errata-xmlrpc | 2023-08-02 16:07:44 UTC | Link ID | Red Hat Product Errata RHSA-2023:4437 | |
| errata-xmlrpc | 2023-08-03 14:55:38 UTC | Link ID | Red Hat Product Errata RHSA-2023:4471 | |
| errata-xmlrpc | 2023-08-03 15:51:32 UTC | Link ID | Red Hat Product Errata RHSA-2023:4472 | |
| errata-xmlrpc | 2023-08-03 18:44:13 UTC | Link ID | Red Hat Product Errata RHSA-2023:4475 | |
| errata-xmlrpc | 2023-08-07 01:07:46 UTC | Link ID | Red Hat Product Errata RHBA-2023:4490 | |
| errata-xmlrpc | 2023-08-08 11:17:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:4456 | |
| errata-xmlrpc | 2023-08-08 17:44:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:4575 | |
| errata-xmlrpc | 2023-08-08 18:00:47 UTC | Link ID | Red Hat Product Errata RHSA-2023:4576 | |
| errata-xmlrpc | 2023-08-14 19:53:16 UTC | Link ID | Red Hat Product Errata RHSA-2023:4650 | |
| errata-xmlrpc | 2023-08-15 15:13:56 UTC | Link ID | Red Hat Product Errata RHSA-2023:4654 | |
| errata-xmlrpc | 2023-08-16 14:09:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:4664 |
Back to bug 2212085