Back to bug 892866
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2013-01-08 05:24:45 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-01-08 05:24:45 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2013-01-08 05:25:02 UTC | CC | bkearney, bleanhar, cpelland, jialiu, katello-bugs, katello-internal, lmeyer, mmccune, morazi, msuchy, rmillner, tkramer | |
| Kurt Seifried | 2013-01-08 06:09:37 UTC | Blocks | 892872 | |
| Kurt Seifried | 2013-01-08 06:14:38 UTC | Depends On | 892873 | |
| Kurt Seifried | 2013-01-08 06:16:45 UTC | Depends On | 892874 | |
| Kurt Seifried | 2013-01-08 06:18:41 UTC | Depends On | 892875 | |
| Kurt Seifried | 2013-01-08 06:19:49 UTC | Depends On | 892877 | |
| Kurt Seifried | 2013-01-08 06:54:54 UTC | Blocks | 892883 | |
| Kurt Seifried | 2013-01-08 20:21:20 UTC | Group | security, qe_staff | |
| Kurt Seifried | 2013-01-08 21:24:03 UTC | Attachment #674508 Attachment is obsolete | 0 | 1 |
| Kurt Seifried | 2013-01-08 21:24:42 UTC | Attachment #674505 Attachment is obsolete | 0 | 1 |
| Kurt Seifried | 2013-01-08 21:25:30 UTC | Attachment #674506 Attachment is obsolete | 0 | 1 |
| Kurt Seifried | 2013-01-08 21:25:51 UTC | Attachment #674507 Attachment is obsolete | 0 | 1 |
| Kurt Seifried | 2013-01-08 21:42:04 UTC | Attachment #675074 Attachment filename | actionpack-CVE-2012-0155-3-0-null_array_param.patch | actionpack-CVE-2013-0155-3-0-null_array_param.patch |
| Attachment #675074 Attachment description | actionpack-CVE-2012-0155-3-0-null_array_param.patch | actionpack-CVE-2013-0155-3-0-null_array_param.patch | ||
| Kurt Seifried | 2013-01-08 21:42:13 UTC | Attachment #675075 Attachment filename | actionpack-CVE-2012-0155-3-1-null_array_param.patch | actionpack-CVE-2013-0155-3-1-null_array_param.patch |
| Attachment #675075 Attachment description | actionpack-CVE-2012-0155-3-1-null_array_param.patch | actionpack-CVE-2013-0155-3-1-null_array_param.patch | ||
| Kurt Seifried | 2013-01-08 21:42:20 UTC | Attachment #675076 Attachment filename | actionpack-CVE-2012-0155-3-2-null_array_param.patch | actionpack-CVE-2013-0155-3-2-null_array_param.patch |
| Attachment #675076 Attachment description | actionpack-CVE-2012-0155-3-2-null_array_param.patch | actionpack-CVE-2013-0155-3-2-null_array_param.patch | ||
| Katello Internal Mailing List | 2013-01-08 22:19:25 UTC | CC | katello-internal | |
| David Davis | 2013-01-08 22:20:26 UTC | CC | dadavis, katello-internal | |
| Vincent Danen | 2013-01-09 02:17:51 UTC | Summary | EMBARGOED CVE-2013-0155 rubygem-actionpack: Unsafe Query Generation Risk in Ruby on Rails | CVE-2013-0155 rubygem-actionpack: Unsafe Query Generation Risk in Ruby on Rails |
| Whiteboard | impact=important,public=no,reported=20130107,source=upstream,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,epel-5/rubygem-actionpack=notaffected,fedora-all/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected openshift-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=important,public=20130108,reported=20130107,source=upstream,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,epel-5/rubygem-actionpack=notaffected,fedora-all/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected openshift-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | ||
| Vincent Danen | 2013-01-09 02:19:47 UTC | Depends On | 893281 | |
| Jan Lieskovsky | 2013-01-09 15:28:38 UTC | Depends On | 892874 | |
| Jan Lieskovsky | 2013-01-09 15:31:26 UTC | CC | jlieskov | |
| Summary | CVE-2013-0155 rubygem-actionpack: Unsafe Query Generation Risk in Ruby on Rails | CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails | ||
| Tomas Hoger | 2013-01-09 18:03:09 UTC | Blocks | 892872 | |
| Tomas Hoger | 2013-01-09 18:05:25 UTC | Blocks | 893691 | |
| Troy Dawson | 2013-01-09 20:53:09 UTC | CC | bkabrda, tdawson | |
| Troy Dawson | 2013-01-09 20:53:43 UTC | CC | mmaslano | |
| Marcela Mašláňová | 2013-01-10 09:30:47 UTC | CC | vondruch | |
| Tomas Hoger | 2013-01-16 08:37:59 UTC | Blocks | 892883 | |
| Vincent Danen | 2013-02-27 17:50:28 UTC | Fixed In Version | rubygem-activerecord 3.2.11, rubygem-activerecord 3.1.10, rubygem-activerecord 3.0.19, rubygem-actionpack 3.2.11, rubygem-actionpack 3.1.10, rubygem-actionpack 3.0.19 | |
| Kurt Seifried | 2013-02-27 21:14:32 UTC | Depends On | 916342 | |
| Vincent Danen | 2013-04-10 22:29:35 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2013-04-10 18:29:35 UTC | |||
| Ján Rusnačko | 2014-11-21 16:20:36 UTC | CC | jrusnack | |
| Whiteboard | impact=important,public=20130108,reported=20130107,source=upstream,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,epel-5/rubygem-actionpack=notaffected,fedora-all/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=important,public=20130108,reported=20130107,source=upstream,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,epel-5/rubygem-actionpack=notaffected,fedora-all/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected,cwe=CWE-89 | ||
| Product Security DevOps Team | 2019-09-29 12:58:59 UTC | Whiteboard | impact=important,public=20130108,reported=20130107,source=upstream,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,epel-5/rubygem-actionpack=notaffected,fedora-all/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected,cwe=CWE-89 |
Back to bug 892866