[Bug 1510332] CVE-2017-14941 jasperreports: Cleartext storage of passwords
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1510332
Kurt Seifried <kseifried(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |NOTABUG
Whiteboard|impact=moderate,public=2017 |impact=moderate,public=2017
|0930,reported=20171031,sour |0930,reported=20171030,sour
|ce=cve,cvss3=6.5/CVSS:3.0/A |ce=cve,cvss3=6.5/CVSS:3.0/A
|V:N/AC:L/PR:L/UI:N/S:U/C:H/ |V:N/AC:L/PR:L/UI:N/S:U/C:H/
|I:N/A:N,cwe=CWE-312,rhev-m- |I:N/A:N,cwe=CWE-312,rhev-m-
|3/jasperreports-server-pro= |3/jasperreports-server-pro=
|new,fedora-all/jasperreport |new,fedora-all/jasperreport
|s=notaffected |s=notaffected
Last Closed| |2017-11-07 12:40:53
--- Comment #1 from Kurt Seifried <kseifried(a)redhat.com> ---
Statement:
Red Hat Product Security is not aware of any supported product that ships the
affected component.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 6 months
[Bug 1506612] CVE-2017-15095 jackson-databind: Unsafe deserialization due to incomplete black list ( incomplete fix for CVE-2017-7525)
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1506612
Eric Christensen <sparks(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|71102,reported=20171010,sou |71102,reported=20171009,sou
|rce=researcher,cvss3=8.1/CV |rce=researcher,cvss3=8.1/CV
|SS:3.0/AV:N/AC:H/PR:N/UI:N/ |SS:3.0/AV:N/AC:H/PR:N/UI:N/
|S:U/C:H/I:H/A:H,cwe=CWE-184 |S:U/C:H/I:H/A:H,cwe=CWE-184
|,fedora-all/jackson-databin |,fedora-all/jackson-databin
|d=affected,amq-6/jackson-da |d=affected,amq-6/jackson-da
|tabind=notaffected,jdg-7/ja |tabind=notaffected,jdg-7/ja
|ckson-databind=notaffected, |ckson-databind=notaffected,
|jdv-6/jackson-databind=nota |jdv-6/jackson-databind=nota
|ffected,eap-7/jackson-datab |ffected,eap-7/jackson-datab
|ind=affected,bpms-6/jackson |ind=affected,bpms-6/jackson
|-databind=notaffected,brms- |-databind=notaffected,brms-
|6/jackson-databind=notaffec |6/jackson-databind=notaffec
|ted,fuse-6/jackson-databind |ted,fuse-6/jackson-databind
|=notaffected,openshift-ente |=notaffected,openshift-ente
|rprise-2/jackson-databind=n |rprise-2/jackson-databind=n
|otaffected,rhn_satellite_6/ |otaffected,rhn_satellite_6/
|jackson-databind=affected,r |jackson-databind=affected,r
|hmap-4/jackson-databind=not |hmap-4/jackson-databind=not
|affected,sam-1/jackson-data |affected,sam-1/jackson-data
|bind=wontfix,rhev-m-3/jaspe |bind=wontfix,rhev-m-3/jaspe
|rreports-server-pro=wontfix |rreports-server-pro=wontfix
|/impact=moderate,rhev-m-4/e |/impact=moderate,rhev-m-4/e
|ap7-jackson-databind=wontfi |ap7-jackson-databind=wontfi
|x/impact=moderate,rhscl-3/r |x/impact=moderate,rhscl-3/r
|h-eclipse46-jackson-databin |h-eclipse46-jackson-databin
|d=affected,jon-3/Core |d=affected,jon-3/Core
|Server=notaffected,eap-6/ja |Server=notaffected,eap-6/ja
|ckson-databind=affected,dts |ckson-databind=affected,dts
|-4/devtoolset-4-jackson-dat |-4/devtoolset-4-jackson-dat
|abind=affected,rhscl-3/rh-m |abind=affected,rhscl-3/rh-m
|aven35-jackson-databind=aff |aven35-jackson-databind=aff
|ected |ected
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 6 months
[Bug 1490329] New: Please update to junit 5
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1490329
Bug ID: 1490329
Summary: Please update to junit 5
Product: Fedora
Version: rawhide
Component: junit4
Assignee: extras-orphan(a)fedoraproject.org
Reporter: akurtako(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: dwalluck(a)redhat.com, extras-orphan(a)fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org
Please update to JUnit 5 or add it as new package. Eclipse upstream gained
dependency on it and we will need it for future updates.
--
You are receiving this mail because:
You are on the CC list for the bug.
6 years, 6 months