Back to bug 921329
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2013-03-14 02:46:43 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-03-14 02:46:43 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2013-03-14 02:46:55 UTC | CC | bkearney, bleanhar, ccoleman, cpelland, dajohnso, dmcphers, jeckersb, jialiu, jomara, lmeyer, mmccune, morazi msuchy, sclewis, tkramer | |
| Kurt Seifried | 2013-03-14 03:29:17 UTC | Blocks | 921344 | |
| Kurt Seifried | 2013-03-14 03:32:04 UTC | Blocks | 921347 | |
| Kurt Seifried | 2013-03-14 03:33:04 UTC | Blocks | 921348 | |
| Kurt Seifried | 2013-03-14 03:47:04 UTC | Depends On | 921350 | |
| Kurt Seifried | 2013-03-14 03:48:38 UTC | Depends On | 921353 | |
| Kurt Seifried | 2013-03-14 03:58:20 UTC | Depends On | 921357 | |
| Kurt Seifried | 2013-03-14 04:01:33 UTC | Depends On | 921359 | |
| Jan Lieskovsky | 2013-03-15 13:26:16 UTC | CC | bkabrda, jlieskov, vondruch | |
| Kurt Seifried | 2013-03-19 03:20:10 UTC | Whiteboard | impact=moderate,public=no,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-all/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-all/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=affected |
| Kurt Seifried | 2013-03-19 03:20:13 UTC | Summary | EMBARGOED CVE-2013-1854 rubygem-activerecord: attribute_dos Symbol DoS vulnerability | CVE-2013-1854 rubygem-activerecord: attribute_dos Symbol DoS vulnerability |
| Kurt Seifried | 2013-03-19 03:20:16 UTC | Group | security, qe_staff | |
| Jan Lieskovsky | 2013-03-21 14:32:48 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-all/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected openshift-enterprise-1/rubygem-activerecord=affected |
| Jan Lieskovsky | 2013-03-21 14:33:09 UTC | CC | kanarip, katello-bugs, katello-internal, mastahnke, mmorsi, mtasaka, sseago | |
| Jan Lieskovsky | 2013-03-21 14:34:15 UTC | Depends On | 924316 | |
| Jan Lieskovsky | 2013-03-21 14:34:33 UTC | Depends On | 924318 | |
| Kurt Seifried | 2013-03-23 01:00:31 UTC | Blocks | 925773 | |
| Kurt Seifried | 2013-03-27 19:15:32 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected openshift-enterprise-1/rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected openshift-enterprise-1/rubygem-activerecord=notaffected |
| Kurt Seifried | 2013-07-26 06:18:32 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=affected,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=notaffected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=notaffected |
| Kurt Seifried | 2013-08-10 03:40:53 UTC | Depends On | 995660 | |
| Garth Mollett | 2013-11-15 04:44:57 UTC | Blocks | 1028279 | |
| Garth Mollett | 2013-11-15 05:04:51 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=notaffected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected |
| Garth Mollett | 2013-11-15 05:11:24 UTC | Depends On | 1030761 | |
| Kurt Seifried | 2014-06-03 05:47:36 UTC | Blocks | 1000138 | |
| John Skeoch | 2014-06-18 07:58:08 UTC | CC | tkramer | mmcgrath |
| Kurt Seifried | 2014-10-28 21:25:58 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected |
| Kurt Seifried | 2014-11-06 06:16:55 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected |
| John Skeoch | 2014-11-09 22:57:00 UTC | CC | jomara | athomas |
| Martin Prpič | 2014-11-14 16:19:25 UTC | Doc Text | A flaw was found in the way Ruby on Rails handled hashes in certain queries. A remote attacker could use this flaw to perform a denial of service (resource consumption) attack by sending specially crafted queries that would result in the creation of Ruby symbols, which were never garbage collected. | |
| Kurt Seifried | 2014-11-18 20:49:10 UTC | Depends On | 1165368 | |
| Kurt Seifried | 2015-01-17 05:33:22 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2015-01-17 00:33:22 UTC | |||
| Ján Rusnačko | 2015-01-19 07:37:36 UTC | CC | jrusnack | |
| Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected,cwe=CWE-400 | ||
| Martin Prpič | 2015-07-29 13:12:34 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected,cwe=CWE-400 | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected,cwe=CWE-400 |
| Product Security DevOps Team | 2019-09-29 13:01:57 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-18/rubygem-activerecord=affected,fedora-17/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cloudformscommon-1/rubygem-activerecord=wontfix,sam-1/rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,openshift-1/rubygem-activerecord=notaffected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-enterprise-1/rubygem-activerecord=notaffected,rhn_satellite_6/ruby193-rubygem-activerecord=affected,cwe=CWE-400 |
Back to bug 921329