Back to bug 891922
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jan Lieskovsky | 2013-01-04 13:44:19 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-01-04 13:44:19 UTC | Doc Type | --- | Bug Fix |
| Jan Lieskovsky | 2013-01-04 13:44:32 UTC | CC | abeekhof, cluster-maint, dvossel | |
| Jan Lieskovsky | 2013-01-04 13:46:15 UTC | CC | agk | |
| Depends On | 891766 | |||
| Whiteboard | impact=moderate,public=20130202,reported=20130103,source=secalert,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=moderate,public=no,reported=20130103,source=secalert,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | ||
| Jan Lieskovsky | 2013-01-04 13:56:29 UTC | Blocks | 891925 | |
| Jan Lieskovsky | 2013-02-13 15:29:33 UTC | Summary | EMBARGOED pacemaker: Denial of service when remote TLS access enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials | EMBARGOED pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials |
| Jan Lieskovsky | 2013-02-13 15:32:10 UTC | Whiteboard | impact=moderate,public=no,reported=20130103,source=secalert,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=moderate,public=no,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected |
| Jan Lieskovsky | 2013-02-13 15:32:13 UTC | Severity | medium | low |
| Jan Lieskovsky | 2013-02-13 15:32:15 UTC | Whiteboard | impact=moderate,public=no,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=low,public=no,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected |
| Jan Lieskovsky | 2013-02-13 15:32:18 UTC | Priority | medium | low |
| Jan Lieskovsky | 2013-02-13 15:38:59 UTC | Summary | EMBARGOED pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials | EMBARGOED CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials |
| Alias | CVE-2013-0281 | |||
| Jan Lieskovsky | 2013-02-14 16:40:46 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials | CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials | ||
| Whiteboard | impact=low,public=no,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | ||
| Jan Lieskovsky | 2013-02-14 16:41:44 UTC | Depends On | 911291 | |
| Huzaifa S. Sidhpurwala | 2013-02-15 07:08:16 UTC | Whiteboard | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=defer,fedora-all/pacemaker=affected |
| Andrew Beekhof | 2013-07-02 00:35:37 UTC | Status | NEW | MODIFIED |
| Fixed In Version | 1.1.9-0.1.70ad9fa.git.f19 | |||
| Kurt Seifried | 2013-08-21 16:36:32 UTC | Status | MODIFIED | ASSIGNED |
| Tomas Hoger | 2013-11-13 13:01:42 UTC | Fixed In Version | 1.1.9-0.1.70ad9fa.git.f19 | |
| Summary | CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials | CVE-2013-0281 pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets | ||
| Tomas Hoger | 2013-11-13 13:06:04 UTC | Blocks | 974906 | |
| Huzaifa S. Sidhpurwala | 2013-11-22 05:20:30 UTC | Status | ASSIGNED | CLOSED |
| Resolution | --- | ERRATA | ||
| Whiteboard | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=defer,fedora-all/pacemaker=affected | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | ||
| Last Closed | 2013-11-22 00:20:30 UTC | |||
| Ján Rusnačko | 2015-07-31 10:42:03 UTC | CC | jrusnack | |
| Whiteboard | impact=low,public=20130214,reported=20130103,source=secalert,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | impact=low,public=20130214,reported=20130103,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected | ||
| Product Security DevOps Team | 2019-09-29 12:58:59 UTC | Whiteboard | impact=low,public=20130214,reported=20130103,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,rhel-6/pacemaker=affected,fedora-all/pacemaker=affected |
Back to bug 891922