Bug 1319731 (CVE-2012-6702)
Summary: | CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED WONTFIX | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | apintea, besser82, bkundal, bmaxwell, caillon, cdewolf, chazlett, cschalle, csutherl, darran.lofthouse, dimitris, dosoudil, erik-fedora, fgavrilo, gecko-bugs-nobody, gzaronik, jawilson, jclere, jhorak, jondruse, jorton, lgao, lupinix.fedora, mbabacek, mizdebsk, mturk, myarboro, pgier, pjurak, ppalaga, psakar, pslavice, rjones, rmeggins, rnetuka, rstancel, rsvoboda, slawomir, stransky, twalsh, vtunka, weli | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2018-07-05 21:35:50 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1197087, 1319732, 1319733, 1319734, 1319735, 1319736 | ||||||
Bug Blocks: | 1296104, 1319739 | ||||||
Attachments: |
|
Description
Adam Mariš
2016-03-21 11:55:54 UTC
Created compat-expat1 tracking bugs for this issue: Affects: fedora-all [bug 1319733] Created expat tracking bugs for this issue: Affects: fedora-all [bug 1319732] Created mingw-expat tracking bugs for this issue: Affects: fedora-all [bug 1319734] Affects: epel-7 [bug 1319736] Created expat21 tracking bugs for this issue: Affects: epel-all [bug 1319735] CVE assignment: http://seclists.org/oss-sec/2016/q2/469 Created attachment 1165212 [details]
Proposed upstream patch
|