Back to bug 713477
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jan Lieskovsky | 2011-06-15 14:10:39 UTC | Whiteboard | public=20110701,reported=20110522,source=secalert,impact=moderate,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:P/A:N,fedora-all/spacewalk-backend=affected | public=no,reported=20110522,source=secalert,impact=moderate,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:P/A:N,fedora-all/spacewalk-backend=affected |
| Jan Lieskovsky | 2011-06-15 14:11:23 UTC | CC | cperry, jpazdziora, mmraka, mzazrivec | |
| Jan Lieskovsky | 2011-06-15 14:40:25 UTC | CC | jskrabal | |
| Jan Lieskovsky | 2011-06-15 14:41:13 UTC | Blocks | 622406 | |
| Jan Lieskovsky | 2011-06-15 14:57:39 UTC | Blocks | 713496 | |
| Jan Lieskovsky | 2011-06-17 15:12:28 UTC | Priority | medium | low |
| Summary | EMBARGOED RHN Satellite / Spacewalk: Password reset application prone to XSS cookie stealing attacks due absent support for HTTPOnly cookies (CWE-79) | EMBARGOED [RFE] RHN Satellite / Spacewalk: Enable HTTPOnly cookies support in Satellite / Spacewalk (CWE-79) | ||
| Whiteboard | public=no,reported=20110522,source=secalert,impact=moderate,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:P/A:N,fedora-all/spacewalk-backend=affected | public=no,reported=20110522,source=secalert,impact=none,cvss2=0 | ||
| Severity | medium | low | ||
| Jan Lieskovsky | 2011-06-17 15:19:00 UTC | Group | qe_staff | rhn |
| Component | vulnerability | WebUI | ||
| Version | unspecified | 541 | ||
| Assignee | security-response-team | tlestach | ||
| Product | Security Response | Red Hat Network Satellite | ||
| QA Contact | satellite-qa-list | |||
| Jan Lieskovsky | 2011-06-17 15:40:15 UTC | CC | csuleski | |
| Jan Lieskovsky | 2011-06-21 10:39:18 UTC | CC | d.muturi | |
| Clifford Perry | 2011-06-29 15:41:54 UTC | Blocks | 677498 | |
| Clifford Perry | 2011-06-29 15:42:16 UTC | Priority | low | medium |
| Severity | low | medium | ||
| Jan Lieskovsky | 2011-07-14 13:18:00 UTC | Blocks | 713496 | |
| Vincent Danen | 2011-08-18 04:22:12 UTC | CC | vdanen | |
| Jan Hutař | 2011-08-19 05:41:23 UTC | CC | jhutar | |
| Michael Mráka | 2011-09-01 11:37:53 UTC | Status | NEW | MODIFIED |
| Fixed In Version | spacewalk-config-1.2.2-6 | |||
| Assignee | tlestach | mmraka | ||
| Jan Pazdziora | 2011-09-05 14:02:25 UTC | Status | MODIFIED | ON_QA |
| Martin Minar | 2011-09-06 12:36:40 UTC | CC | mminar | |
| QA Contact | satellite-qa-list | mminar | ||
| Martin Minar | 2011-09-09 06:53:46 UTC | Status | ON_QA | ASSIGNED |
| Jan Lieskovsky | 2011-09-09 08:08:46 UTC | Flags | needinfo? | |
| Martin Minar | 2011-09-09 08:46:41 UTC | Flags | needinfo? | |
| Michael Mráka | 2011-09-09 09:23:12 UTC | Status | ASSIGNED | ON_QA |
| Fixed In Version | spacewalk-config-1.2.2-6 | spacewalk-config-1.2.2-7 | ||
| Martin Minar | 2011-09-12 07:05:54 UTC | Status | ON_QA | VERIFIED |
| Vincent Danen | 2011-09-15 17:35:32 UTC | Summary | EMBARGOED [RFE] RHN Satellite / Spacewalk: Enable HTTPOnly cookies support in Satellite / Spacewalk (CWE-79) | [RFE] RHN Satellite / Spacewalk: Enable HTTPOnly cookies support in Satellite / Spacewalk (CWE-79) |
| Whiteboard | public=no,reported=20110522,source=secalert,impact=none,cvss2=0 | public=20110915,reported=20110522,source=secalert,impact=none,cvss2=0 | ||
| Vincent Danen | 2011-09-15 17:36:21 UTC | Group | rhn, security | |
| errata-xmlrpc | 2011-09-15 17:55:57 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2011-09-15 13:55:57 UTC | |||
| Clifford Perry | 2012-03-08 09:02:49 UTC | Blocks | 801305 | |
| Clifford Perry | 2012-03-08 09:06:43 UTC | Blocks | 801305 | |
| John Skeoch | 2016-07-04 00:56:31 UTC | CC | mkoci |
Back to bug 713477