Bug 805712 (CVE-2012-1575)
Summary: | CVE-2012-1575 cumin: multiple XSS flaws
---|---
Product: | [Other] Security Response
Component: | vulnerability
Reporter: | Vincent Danen <vdanen>
Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED ERRATA
Severity: | medium
Priority: | medium
Version: | unspecified
CC: | grid-maint-list, iboverma, jneedle, matt, mcressma, mjc, security-response-team, tmckay
Keywords: | Security
Hardware: | All
OS: | Linux
Doc Type: | Bug Fix
Last Closed: | 2012-04-12 16:56:47 UTC
Bug Depends On: | 438142, 807763, 812066
Bug Blocks: | 805721

Description
Vincent Danen
2012-03-21 21:18:32 UTC
Created attachment 571986
Technical write up on vulnerabilities, fixes, and testing
Slightly different than the original version, but only because I changed the integers used in alert scripts to be unique so that when they are run it is unambiguous which one is displaying. This might be helpful when testing Cumin for the presence of errors.

Created attachment 571987
Quota config, referenced from the pdf

Created attachment 571988
Aviary submit script, referenced from the pdf

This issue has been addressed in following products:

MRG for RHEL-6 v.2

Via RHSA-2012:0477 https://rhn.redhat.com/errata/RHSA-2012-0477.html

This issue has been addressed in following products:

MRG for RHEL-5 v. 2

Via RHSA-2012:0476 https://rhn.redhat.com/errata/RHSA-2012-0476.html

Created cumin tracking bugs for this issue

Affects: fedora-all [bug 812066]

Current Fedora ships cumin-0.1.5522 which is based on upstream svn r5522 and includes this fix.