Back to bug 750533
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jan Lieskovsky | 2011-11-01 14:14:26 UTC | CC | dbhole, jpazdziora, jvanek | |
| Jan Lieskovsky | 2011-11-01 14:26:36 UTC | Blocks | 750536 | |
| Jan Lieskovsky | 2011-11-01 16:49:43 UTC | Summary | EMBARGOED java: DoS (excessive CPU use) via hash collisions and meet-in-the-middle attacks | EMBARGOED java: DoS (excessive CPU use) via hash collisions and meet-in-the-middle attacks (oCERT-2011-003) |
| David Jorm | 2011-11-03 07:27:44 UTC | CC | djorm | |
| Whiteboard | impact=low,public=20111227,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-4/java-1.6.0-sun=new,rhel-5/java-1.6.0-sun=new,rhel-6/java-1.6.0-sun=new,rhel-4/java-1.5.0-ibm=new,rhel-5/java-1.5.0-ibm=new rhel-6/java-1.5.0-ibm=new,rhn_satellite_5.4/Other=new,rhel-4/java-1.6.0-ibm=new,rhel-5/java-1.6.0-ibm=new,rhel-6/java-1.6.0-ibm=new,rhel-5/java-1.6.0-openjdk=new,rhel-6/java-1.6.0-openjdk=new,fedora-all/java-1.6.0-openjdk=new | impact=low,public=20111227,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-4/java-1.6.0-sun=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-4/java-1.5.0-ibm=affected rhel-5/java-1.5.0-ibm=affected,rhel-6/java-1.5.0-ibm=affected,rhn_satellite_5.4/Other=new,rhel-4/java-1.6.0-ibm=affected,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected fedora-all/java-1.6.0-openjdk=affected | ||
| Tomas Hoger | 2011-12-29 11:15:41 UTC | Whiteboard | impact=low,public=20111227,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-4/java-1.6.0-sun=affected,rhel-5/java-1.6.0-sun=affected,rhel-6/java-1.6.0-sun=affected,rhel-4/java-1.5.0-ibm=affected rhel-5/java-1.5.0-ibm=affected,rhel-6/java-1.5.0-ibm=affected,rhn_satellite_5.4/Other=new,rhel-4/java-1.6.0-ibm=affected,rhel-5/java-1.6.0-ibm=affected,rhel-6/java-1.6.0-ibm=affected,rhel-5/java-1.6.0-openjdk=affected,rhel-6/java-1.6.0-openjdk=affected fedora-all/java-1.6.0-openjdk=affected | impact=low,public=20111227,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix |
| Tomas Hoger | 2011-12-29 12:23:27 UTC | Priority | low | medium |
| Group | security, qe_staff | |||
| Summary | EMBARGOED java: DoS (excessive CPU use) via hash collisions and meet-in-the-middle attacks (oCERT-2011-003) | java: hash table collisions CPU usage DoS (oCERT-2011-003) | ||
| Whiteboard | impact=low,public=20111227,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix | ||
| Severity | low | medium | ||
| Tomas Hoger | 2011-12-29 12:40:08 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2011-12-29 07:40:08 UTC | |||
| Markus Falb | 2011-12-29 16:22:34 UTC | CC | markus.falb | |
| Tomas Hoger | 2011-12-30 10:13:38 UTC | Blocks | 770929 | |
| Kurt Seifried | 2012-01-03 23:59:45 UTC | Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix openshift-express-1/java-1.6.0-openjdk=affected |
| Kurt Seifried | 2012-01-04 00:03:46 UTC | Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix openshift-express-1/java-1.6.0-openjdk=affected | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix openshift-express-1/java-1.6.0-openjdk=affected,openshift-flex-1/java-1.6.0-openjdk=affected |
| Tomas Hoger | 2012-01-04 14:11:11 UTC | CC | ahughes, aph | |
| Kurt Seifried | 2012-05-09 15:38:09 UTC | Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix openshift-express-1/java-1.6.0-openjdk=affected,openshift-flex-1/java-1.6.0-openjdk=affected | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=affected openshift-flex-1/java-1.6.0-openjdk=affected |
| Kurt Seifried | 2012-05-09 15:40:33 UTC | Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=affected openshift-flex-1/java-1.6.0-openjdk=affected | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=affected |
| David Jorm | 2012-06-18 05:00:07 UTC | Summary | java: hash table collisions CPU usage DoS (oCERT-2011-003) | CVE-2012-2739 java: hash table collisions CPU usage DoS (oCERT-2011-003) |
| Alias | CVE-2012-2739 | |||
| Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=affected | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix | ||
| Tomas Hoger | 2012-06-18 06:55:06 UTC | Status | CLOSED | ASSIGNED |
| Resolution | WONTFIX | --- | ||
| Keywords | Reopened | |||
| Jan Lieskovsky | 2012-11-27 15:50:43 UTC | Whiteboard | impact=medium,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix | impact=moderate,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix |
| Vincent Danen | 2013-04-12 05:02:03 UTC | Status | ASSIGNED | NEW |
| Pavel Alexeev | 2014-05-03 17:40:31 UTC | CC | pahan | |
| John Skeoch | 2014-10-21 00:09:05 UTC | CC | djorm | mjc |
| Ján Rusnačko | 2015-07-31 06:45:13 UTC | Whiteboard | impact=moderate,public=20111228,reported=20111101,source=linuxdistros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix,rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix | impact=moderate,public=20111228,reported=20111101,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix,rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix |
| Jan Pazdziora | 2017-10-31 08:30:33 UTC | CC | jpazdziora | |
| Andrew Haley | 2018-02-09 16:57:30 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Last Closed | 2011-12-29 07:40:08 UTC | 2018-02-09 11:57:30 UTC | ||
| Andrew Haley | 2018-02-09 16:59:14 UTC | Resolution | NOTABUG | WONTFIX |
| Product Security DevOps Team | 2019-09-29 12:48:01 UTC | Whiteboard | impact=moderate,public=20111228,reported=20111101,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-5/java-1.6.0-openjdk=wontfix,rhel-6/java-1.6.0-openjdk=wontfix,rhel-4/java-1.6.0-sun=wontfix,rhel-5/java-1.6.0-sun=wontfix,rhel-6/java-1.6.0-sun=wontfix,rhel-4/java-1.5.0-ibm=wontfix,rhel-5/java-1.5.0-ibm=wontfix,rhel-6/java-1.5.0-ibm=wontfix,rhel-4/java-1.6.0-ibm=wontfix,rhel-5/java-1.6.0-ibm=wontfix,rhel-6/java-1.6.0-ibm=wontfix,openshift-1/java-1.6.0-openjdk=wontfix |
Back to bug 750533