Bug 2084027
Summary: | CVE-2022-22950 - ovirt-dependencies: spring-expression: Denial of service via specially crafted SpEL expression [ovirt-4.5] | ||
---|---|---|---|
Product: | [oVirt] ovirt-distribution | Reporter: | Sandro Bonazzola <sbonazzo> |
Component: | ovirt-dependencies | Assignee: | Martin Perina <mperina> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Lukas Svaty <lsvaty> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.5.0 | Keywords: | Security, SecurityTracking, Upstream, VerifiedUpstream |
Target Milestone: | ovirt-4.5.0-1 | Flags: | sbonazzo:
ovirt-4.5+
|
Target Release: | 4.5.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ovirt-dependencies-4.5.2 | Doc Type: | Release Note |
Doc Text: |
ovirt-dependencies has been updated including Spring Framework 5.3.19 which fixes [CVE-2022-22950](https://bugzilla.redhat.com/show_bug.cgi?id=2069414)
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-05-11 08:33:50 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2069414 |
Description
Sandro Bonazzola
2022-05-11 08:32:39 UTC
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release. |