[Bug 1632452] CVE-2018-3831 elasticsearch: Information exposure via _cluster/settings API
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1632452
Cedric Buissart <cbuissar(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|0918,reported=20180918,sour |0918,reported=20180918,sour
|ce=cve,cvss3=5.3/CVSS:3.0/A |ce=cve,cvss3=5.3/CVSS:3.0/A
|V:N/AC:H/PR:L/UI:N/S:U/C:H/ |V:N/AC:H/PR:L/UI:N/S:U/C:H/
|I:N/A:N,cwe=CWE-200,fedora- |I:N/A:N,cwe=CWE-200,fedora-
|all/elasticsearch=affected, |all/elasticsearch=affected,
|sam-1/elasticsearch=new,fus |sam-1/elasticsearch=wontfix
|e-6/elasticsearch=new,fuse- |,fuse-6/elasticsearch=new,f
|7/elasticsearch=new,rhdm-7/ |use-7/elasticsearch=new,rhd
|elasticsearch=new,rhpam-7/e |m-7/elasticsearch=new,rhpam
|lasticsearch=new,openshift- |-7/elasticsearch=new,opensh
|enterprise-3.11/elasticsear |ift-enterprise-3.11/elastic
|ch=notaffected,openshift-en |search=notaffected,openshif
|terprise-3.10/elasticsearch |t-enterprise-3.10/elasticse
|=notaffected,openshift-ente |arch=notaffected,openshift-
|rprise-3.9/elasticsearch=no |enterprise-3.9/elasticsearc
|taffected,openshift-enterpr |h=notaffected,openshift-ent
|ise-3.7/elasticsearch=notaf |erprise-3.7/elasticsearch=n
|fected,openshift-enterprise |otaffected,openshift-enterp
|-3.6/elasticsearch=notaffec |rise-3.6/elasticsearch=nota
|ted,openshift-enterprise-3. |ffected,openshift-enterpris
|5/elasticsearch=notaffected |e-3.5/elasticsearch=notaffe
|,openshift-enterprise-3.4/e |cted,openshift-enterprise-3
|lasticsearch=notaffected,op |.4/elasticsearch=notaffecte
|enshift-enterprise-3.3/elas |d,openshift-enterprise-3.3/
|ticsearch=notaffected,opens |elasticsearch=notaffected,o
|hift-enterprise-3.2/elastic |penshift-enterprise-3.2/ela
|search=notaffected,openshif |sticsearch=notaffected,open
|t-enterprise-3.1/elasticsea |shift-enterprise-3.1/elasti
|rch=notaffected,openshift-e |csearch=notaffected,openshi
|nterprise-3.0/elasticsearch |ft-enterprise-3.0/elasticse
|=notaffected,openstack-8-op |arch=notaffected,openstack-
|tools/elasticsearch=affecte |8-optools/elasticsearch=aff
|d,openstack-9-optools/elast |ected,openstack-9-optools/e
|icsearch=affected |lasticsearch=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1651837] CVE-2018-17187 qpid-proton-java: Hostname verification mode not implemented in transport TLS wrapper
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1651837
Doran Moppert <dmoppert(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018
|1112,reported=20181119,sour |1112,reported=20181119,sour
|ce=oss-security,cvss3=6.8/C |ce=oss-security,cvss3=6.8/C
|VSS:3.0/AV:N/AC:H/PR:N/UI:R |VSS:3.0/AV:N/AC:H/PR:N/UI:R
|/S:U/C:H/I:H/A:N,cwe=CWE-29 |/S:U/C:H/I:H/A:N,cwe=CWE-29
|5,fedora-all/qpid-proton-ja |5,fedora-all/qpid-proton-ja
|va=affected,mrg-m-3/qpid-pr |va=affected,mrg-m-3/qpid-pr
|oton-java=new,amq-6/proton- |oton-java=wontfix/impact=lo
|j=new,fuse-6/proton-j=new,f |w,amq-6/proton-j=new,fuse-6
|use-7/proton-j=new,vertx-3/ |/proton-j=new,fuse-7/proton
|proton-j=new |-j=new,vertx-3/proton-j=new
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months
[Bug 1448498] apache-sshd-2.0.0 is available
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1448498
Randy Barlow <rbarlow(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |ERRATA
Last Closed| |2018-12-10 23:19:57
--- Comment #6 from Randy Barlow <rbarlow(a)redhat.com> ---
An update associated with this bug has been pushed to stable.
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 5 months