Back to bug 921331
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2013-03-14 02:53:52 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-03-14 02:53:52 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2013-03-14 02:54:04 UTC | CC | bkearney, bleanhar, ccoleman, cpelland, dajohnso, dmcphers, jeckersb, jialiu, jomara, lmeyer, mmccune, morazi msuchy, sclewis, tkramer | |
| Kurt Seifried | 2013-03-14 03:02:25 UTC | Whiteboard | impact=low,public=no,reported=20130313,source=upstream,cvss2=5.0/AV:N/AC:N/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=moderate,public=no,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected |
| Kurt Seifried | 2013-03-14 03:29:20 UTC | Blocks | 921344 | |
| Kurt Seifried | 2013-03-14 03:32:07 UTC | Blocks | 921347 | |
| Kurt Seifried | 2013-03-14 03:33:07 UTC | Blocks | 921348 | |
| Kurt Seifried | 2013-03-14 03:47:54 UTC | Depends On | 921352 | |
| Kurt Seifried | 2013-03-14 03:49:15 UTC | Depends On | 921355 | |
| Kurt Seifried | 2013-03-14 03:59:13 UTC | Depends On | 921358 | |
| Kurt Seifried | 2013-03-14 04:02:23 UTC | Depends On | 921361 | |
| Jan Lieskovsky | 2013-03-15 09:13:08 UTC | CC | bkabrda, jlieskov, vondruch | |
| Tim Kramer | 2013-03-15 13:48:42 UTC | CC | tdawson | |
| Kurt Seifried | 2013-03-19 03:19:02 UTC | Whiteboard | impact=moderate,public=no,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected |
| Kurt Seifried | 2013-03-19 03:19:05 UTC | Summary | EMBARGOED CVE-2013-1855 rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css | CVE-2013-1855 rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css |
| Kurt Seifried | 2013-03-19 03:19:08 UTC | Group | security, qe_staff | |
| Jan Lieskovsky | 2013-03-21 14:12:39 UTC | Depends On | 924297 | |
| Jan Lieskovsky | 2013-03-21 14:12:57 UTC | Depends On | 924298 | |
| Kurt Seifried | 2013-03-23 00:58:41 UTC | Blocks | 925747 | |
| Kurt Seifried | 2013-07-26 06:17:59 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected |
| Kurt Seifried | 2013-08-10 03:40:03 UTC | Depends On | 995659 | |
| Garth Mollett | 2013-11-15 05:58:12 UTC | Blocks | 1028279 | |
| Garth Mollett | 2013-11-15 06:01:24 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected |
| Garth Mollett | 2013-11-15 06:01:47 UTC | CC | katello-bugs | |
| Garth Mollett | 2013-11-15 06:05:00 UTC | Depends On | 1030775 | |
| Kurt Seifried | 2014-06-03 05:47:36 UTC | Blocks | 1000138 | |
| John Skeoch | 2014-06-18 07:58:08 UTC | CC | tkramer | mmcgrath |
| Kurt Seifried | 2014-10-28 21:26:10 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected |
| Kurt Seifried | 2014-10-28 23:12:37 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected |
| John Skeoch | 2014-11-09 22:57:00 UTC | CC | jomara | athomas |
| Martin Prpič | 2014-11-13 13:52:30 UTC | Priority | low | medium |
| Severity | low | medium | ||
| Martin Prpič | 2014-11-14 16:20:10 UTC | Doc Text | A cross-site scripting (XSS) flaw was found in Action Pack. A remote attacker could use this flaw to conduct XSS attacks against users of an application using Action Pack. | |
| Kurt Seifried | 2014-11-18 20:56:48 UTC | Depends On | 1165386 | |
| Kurt Seifried | 2014-11-18 20:56:53 UTC | Depends On | 1165387 | |
| Kurt Seifried | 2015-01-17 05:33:49 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2015-01-17 00:33:49 UTC | |||
| Ján Rusnačko | 2015-01-19 07:35:28 UTC | CC | jrusnack | |
| Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cwe=CWE-79 | ||
| Product Security DevOps Team | 2019-09-29 13:01:57 UTC | Whiteboard | impact=moderate,public=20130318,reported=20130313,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,epel-5/rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,cloudformscommon-1/rubygem-actionpack=wontfix,sam-1/rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-enterprise-1/rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cwe=CWE-79 |
Back to bug 921331