Action not permitted
Modal body text goes here.
CVE-2014-7819
Vulnerability from cvelistv5
Published
2014-11-08 11:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ | Third Party Advisory | |
secalert@redhat.com | https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ | Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:03:27.170Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2014:1504", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "name": "openSUSE-SU-2014:1514", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "name": "[rubyonrails-security] 20141030 [AMENDED] [CVE-2014-7819] Arbitrary file existence disclosure in Sprockets", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "name": "openSUSE-SU-2014:1502", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "name": "openSUSE-SU-2014:1513", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "name": "[rubyonrails-security] 20141030 Arbitrary file existence disclosure in Sprockets (CVE-2014-7819)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-10-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-12-01T15:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "openSUSE-SU-2014:1504", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "name": "openSUSE-SU-2014:1514", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "name": "[rubyonrails-security] 20141030 [AMENDED] [CVE-2014-7819] Arbitrary file existence disclosure in Sprockets", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "name": "openSUSE-SU-2014:1502", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "name": "openSUSE-SU-2014:1513", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "name": "[rubyonrails-security] 20141030 Arbitrary file existence disclosure in Sprockets (CVE-2014-7819)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-7819", "datePublished": "2014-11-08T11:00:00", "dateReserved": "2014-10-03T00:00:00", "dateUpdated": "2024-08-06T13:03:27.170Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2014-7819\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-11-08T11:55:03.023\",\"lastModified\":\"2023-02-13T00:42:25.267\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de salto de directorio en server.rb en Sprockets anterior a 2.0.5, 2.1.x anterior a 2.1.4, 2.2.x anterior a 2.2.3, 2.3.x anterior a 2.3.3, 2.4.x anterior a 2.4.6, 2.5.x anterior a 2.5.1, 2.6.x y 2.7.x anterior a 2.7.1, 2.8.x anterior a 2.8.3, 2.9.x anterior a 2.9.4, 2.10.x anterior a 2.10.2, 2.11.x anterior a 2.11.3, 2.12.x anterior a 2.12.3, y 3.x anterior a 3.0.0.beta.3, distribuido con Ruby on Rails 3.x y 4.x, permiten a atacantes remotos determinar la existencia de ficheros fuera del root de la aplicaci\u00f3n a trav\u00e9s de una secuencia ../ (punto punto barra) con (1) barras dobles o (2) codificaci\u00f3n de URL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.0.5\",\"matchCriteriaId\":\"36F5A38C-B51C-4455-80B2-3FA89022C72B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndExcluding\":\"2.1.4\",\"matchCriteriaId\":\"B8177C76-1C51-41E2-9647-107A76D9A9C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.3\",\"matchCriteriaId\":\"328E446A-05ED-4B23-9027-BC43A529C1AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"2.3.3\",\"matchCriteriaId\":\"659F0437-C16E-422C-89A8-448EDA78F48E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.6\",\"matchCriteriaId\":\"02AFF247-E71C-4C01-AB2A-EAF1CF171AC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.5.0\",\"versionEndExcluding\":\"2.5.1\",\"matchCriteriaId\":\"50BAFDB7-A9B8-42E7-BC49-0D38DBC1E527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.1\",\"matchCriteriaId\":\"DDDE474C-2C05-4D15-B24F-82635B7FD896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.0\",\"versionEndExcluding\":\"2.8.3\",\"matchCriteriaId\":\"4D4C63A3-F044-49CD-8D72-D8614C359250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.4\",\"matchCriteriaId\":\"7774FEE9-5ED9-4976-B363-38D838B8BA57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.10.0\",\"versionEndExcluding\":\"2.10.2\",\"matchCriteriaId\":\"7660A259-00F1-4CB6-AAE6-85D769DB4A64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.11.0\",\"versionEndExcluding\":\"2.11.3\",\"matchCriteriaId\":\"70228E9F-071E-45B6-9FBA-FE85DB04806E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndExcluding\":\"2.12.3\",\"matchCriteriaId\":\"EA983B03-4446-4FE4-8EC7-DAFC9498CE6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8632528E-DF46-47BC-A229-E773D0CA4EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E99F6172-6BF6-4FD1-BA63-1A9A0244FBD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D71F8E-38B6-4E96-B745-3D19DC64504D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhba-2015_1100
Vulnerability from csaf_redhat
Published
2015-06-16 12:28
Modified
2024-11-22 08:32
Summary
Red Hat Bug Fix Advisory: CFME 5.4.0 bug fixes, and enhancement update
Notes
Topic
Updated cfme packages that fix several bugs, and add various enhancements are now available for Red Hat CloudForms 3.2.
Details
Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.
This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available in the Release Notes and Technical Notes documents linked to in the References section.
All cfme users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated cfme packages that fix several bugs, and add various enhancements are now available for Red Hat CloudForms 3.2.", "title": "Topic" }, { "category": "general", "text": "Red Hat CloudForms Management Engine delivers the insight, control, and\nautomation needed to address the challenges of managing virtual\nenvironments. CloudForms Management Engine is built on Ruby on Rails, a\nmodel-view-controller (MVC) framework for web application development.\nAction Pack implements the controller and the view components.\n\nThis update also fixes several bugs and adds various enhancements.\nDocumentation for these changes is available in the Release Notes and Technical Notes documents linked to in the References section.\n\nAll cfme users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2015:1100", "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_CloudForms/3.2/html/Release_Notes/index.html", "url": "https://access.redhat.com/documentation/en-US/Red_Hat_CloudForms/3.2/html/Release_Notes/index.html" }, { "category": "external", "summary": "1146178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1146178" }, { "category": "external", "summary": "1160890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1160890" }, { "category": "external", "summary": "1161248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161248" }, { "category": "external", "summary": "1161253", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161253" }, { "category": "external", "summary": "1161322", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161322" }, { "category": "external", "summary": "1161701", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161701" }, { "category": "external", "summary": "1161744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161744" }, { "category": "external", "summary": "1163382", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163382" }, { "category": "external", "summary": "1163465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163465" }, { "category": "external", "summary": "1163468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163468" }, { "category": "external", "summary": "1163469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163469" }, { "category": "external", "summary": "1163472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163472" }, { "category": "external", "summary": "1163661", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163661" }, { "category": "external", "summary": "1163952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163952" }, { "category": "external", "summary": "1163978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163978" }, { "category": "external", "summary": "1164033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164033" }, { "category": "external", "summary": "1164386", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164386" }, { "category": "external", "summary": "1164764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164764" }, { "category": "external", "summary": "1166187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166187" }, { "category": "external", "summary": "1166198", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166198" }, { "category": "external", "summary": "1166303", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166303" }, { "category": "external", "summary": "1166328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166328" }, { "category": "external", "summary": "1166861", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1166861" }, { "category": "external", "summary": "1167110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1167110" }, { "category": "external", "summary": "1167308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1167308" }, { "category": "external", "summary": "1167410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1167410" }, { "category": "external", "summary": "1168337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168337" }, { "category": "external", "summary": "1168345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168345" }, { "category": "external", "summary": "1169351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169351" }, { "category": "external", "summary": "1169502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169502" }, { "category": "external", "summary": "1169930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169930" }, { "category": "external", "summary": "1169937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169937" }, { "category": "external", "summary": "1170319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170319" }, { "category": "external", "summary": "1170358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170358" }, { "category": "external", "summary": "1170813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170813" }, { "category": "external", "summary": "1171167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171167" }, { "category": "external", "summary": "1171286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171286" }, { "category": "external", "summary": "1171577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171577" }, { "category": "external", "summary": "1171589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171589" }, { "category": "external", "summary": "1171738", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171738" }, { "category": "external", "summary": "1171780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1171780" }, { "category": "external", "summary": "1172298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1172298" }, { "category": "external", "summary": "1173213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173213" }, { "category": "external", "summary": "1173216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173216" }, { "category": "external", "summary": "1173251", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173251" }, { "category": "external", "summary": "1173336", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173336" }, { "category": "external", "summary": "1173712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173712" }, { "category": "external", "summary": "1174855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174855" }, { "category": "external", "summary": "1174881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174881" }, { "category": "external", "summary": "1176280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176280" }, { "category": "external", "summary": "1176619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176619" }, { "category": "external", "summary": "1176689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176689" }, { "category": "external", "summary": "1176721", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176721" }, { "category": "external", "summary": "1177015", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1177015" }, { "category": "external", "summary": "1177809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1177809" }, { "category": "external", "summary": "1178078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178078" }, { "category": "external", "summary": "1178697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178697" }, { "category": "external", "summary": "1178729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178729" }, { "category": "external", "summary": "1179503", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179503" }, { "category": "external", "summary": "1179797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179797" }, { "category": "external", "summary": "1179807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179807" }, { "category": "external", "summary": "1179907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179907" }, { "category": "external", "summary": "1179908", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179908" }, { "category": "external", "summary": "1179958", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179958" }, { "category": "external", "summary": "1180313", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180313" }, { "category": "external", "summary": "1180649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180649" }, { "category": "external", "summary": "1180746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180746" }, { "category": "external", "summary": "1181429", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181429" }, { "category": "external", "summary": "1181768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181768" }, { "category": "external", "summary": "1182329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182329" }, { "category": "external", "summary": "1182330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182330" }, { "category": "external", "summary": "1182654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182654" }, { "category": "external", "summary": "1182795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182795" }, { "category": "external", "summary": "1183757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183757" }, { "category": "external", "summary": "1184250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184250" }, { "category": "external", "summary": "1184267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184267" }, { "category": "external", "summary": "1184343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184343" }, { "category": "external", "summary": "1184465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184465" }, { "category": "external", "summary": "1184575", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184575" }, { "category": "external", "summary": "1184637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184637" }, { "category": "external", "summary": "1184990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1184990" }, { "category": "external", "summary": "1185042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185042" }, { "category": "external", "summary": "1186364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186364" }, { "category": "external", "summary": "1186413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186413" }, { "category": "external", "summary": "1186485", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186485" }, { "category": "external", "summary": "1186502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186502" }, { "category": "external", "summary": "1186911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186911" }, { "category": "external", "summary": "1187233", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187233" }, { "category": "external", "summary": "1187836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187836" }, { "category": "external", "summary": "1188401", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188401" }, { "category": "external", "summary": "1188427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188427" }, { "category": "external", "summary": "1188436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188436" }, { "category": "external", "summary": "1188585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188585" }, { "category": "external", "summary": "1188597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188597" }, { "category": "external", "summary": "1188798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188798" }, { "category": "external", "summary": "1190054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190054" }, { "category": "external", "summary": "1190211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190211" }, { "category": "external", "summary": "1190260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190260" }, { "category": "external", "summary": "1190293", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190293" }, { "category": "external", "summary": "1190564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190564" }, { "category": "external", "summary": "1190565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190565" }, { "category": "external", "summary": "1190584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190584" }, { "category": "external", "summary": "1190603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190603" }, { "category": "external", "summary": "1190667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190667" }, { "category": "external", "summary": "1190672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190672" }, { "category": "external", "summary": "1190852", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190852" }, { "category": "external", "summary": "1190855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190855" }, { "category": "external", "summary": "1191197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191197" }, { "category": "external", "summary": "1191279", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191279" }, { "category": "external", "summary": "1191468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191468" }, { "category": "external", "summary": "1191489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191489" }, { "category": "external", "summary": "1191496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191496" }, { "category": "external", "summary": "1191585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191585" }, { "category": "external", "summary": "1192039", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192039" }, { "category": "external", "summary": "1192198", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192198" }, { "category": "external", "summary": "1192223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192223" }, { "category": "external", "summary": "1192409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192409" }, { "category": "external", "summary": "1192518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192518" }, { "category": "external", "summary": "1192562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192562" }, { "category": "external", "summary": "1193183", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193183" }, { "category": "external", "summary": "1193522", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193522" }, { "category": "external", "summary": "1193615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193615" }, { "category": "external", "summary": "1193847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193847" }, { "category": "external", "summary": "1194223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194223" }, { "category": "external", "summary": "1194242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194242" }, { "category": "external", "summary": "1194319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194319" }, { "category": "external", "summary": "1194479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194479" }, { "category": "external", "summary": "1195407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195407" }, { "category": "external", "summary": "1195754", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195754" }, { "category": "external", "summary": "1195832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195832" }, { "category": "external", "summary": "1195877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195877" }, { "category": "external", "summary": "1196369", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196369" }, { "category": "external", "summary": "1196384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196384" }, { "category": "external", "summary": "1196851", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196851" }, { "category": "external", "summary": "1196852", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196852" }, { "category": "external", "summary": "1197067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1197067" }, { "category": "external", "summary": "1198111", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198111" }, { "category": "external", "summary": "1198594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198594" }, { "category": "external", "summary": "1198735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198735" }, { "category": "external", "summary": "1198814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198814" }, { "category": "external", "summary": "1198867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198867" }, { "category": "external", "summary": "1199240", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199240" }, { "category": "external", "summary": "1199915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199915" }, { "category": "external", "summary": "1200424", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200424" }, { "category": "external", "summary": "1200601", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200601" }, { "category": "external", "summary": "1200757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200757" }, { "category": "external", "summary": "1200783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200783" }, { "category": "external", "summary": "1200854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200854" }, { "category": "external", "summary": "1200925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200925" }, { "category": "external", "summary": "1201092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201092" }, { "category": "external", "summary": "1201093", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201093" }, { "category": "external", "summary": "1201097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201097" }, { "category": "external", "summary": "1201132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201132" }, { "category": "external", "summary": "1201137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201137" }, { "category": "external", "summary": "1201140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201140" }, { "category": "external", "summary": "1201378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201378" }, { "category": "external", "summary": "1201383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201383" }, { "category": "external", "summary": "1201531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201531" }, { "category": "external", "summary": "1201684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201684" }, { "category": "external", "summary": "1201716", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201716" }, { "category": "external", "summary": "1201720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201720" }, { "category": "external", "summary": "1201751", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201751" }, { "category": "external", "summary": "1201771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201771" }, { "category": "external", "summary": "1201883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201883" }, { "category": "external", "summary": "1201920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201920" }, { "category": "external", "summary": "1201932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201932" }, { "category": "external", "summary": "1202195", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202195" }, { "category": "external", "summary": "1202216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202216" }, { "category": "external", "summary": "1202229", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202229" }, { "category": "external", "summary": "1202394", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202394" }, { "category": "external", "summary": "1202412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202412" }, { "category": "external", "summary": "1202415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202415" }, { "category": "external", "summary": "1202427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202427" }, { "category": "external", "summary": "1202465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202465" }, { "category": "external", "summary": "1202478", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202478" }, { "category": "external", "summary": "1202491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202491" }, { "category": "external", "summary": "1202543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202543" }, { "category": "external", "summary": "1202648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202648" }, { "category": "external", "summary": "1202655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202655" }, { "category": "external", "summary": "1202660", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202660" }, { "category": "external", "summary": "1202681", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202681" }, { "category": "external", "summary": "1202816", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202816" }, { "category": "external", "summary": "1203003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203003" }, { "category": "external", "summary": "1203168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203168" }, { "category": "external", "summary": "1203184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203184" }, { "category": "external", "summary": "1203207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203207" }, { "category": "external", "summary": "1203301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203301" }, { "category": "external", "summary": "1203426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203426" }, { "category": "external", "summary": "1203442", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203442" }, { "category": "external", "summary": "1203547", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203547" }, { "category": "external", "summary": "1203713", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203713" }, { "category": "external", "summary": "1204115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204115" }, { "category": "external", "summary": "1204117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204117" }, { "category": "external", "summary": "1204125", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204125" }, { "category": "external", "summary": "1204232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204232" }, { "category": "external", "summary": "1204252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204252" }, { "category": "external", "summary": "1204548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204548" }, { "category": "external", "summary": "1204599", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204599" }, { "category": "external", "summary": "1204629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204629" }, { "category": "external", "summary": "1204635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204635" }, { "category": "external", "summary": "1204899", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204899" }, { "category": "external", "summary": "1204912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204912" }, { "category": "external", "summary": "1204943", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204943" }, { "category": "external", "summary": "1205137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205137" }, { "category": "external", "summary": "1205213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205213" }, { "category": "external", "summary": "1205235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205235" }, { "category": "external", "summary": "1205247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205247" }, { "category": "external", "summary": "1205347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205347" }, { "category": "external", "summary": "1205386", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205386" }, { "category": "external", "summary": "1205407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205407" }, { "category": "external", "summary": "1205453", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205453" }, { "category": "external", "summary": "1205496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205496" }, { "category": "external", "summary": "1205779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205779" }, { "category": "external", "summary": "1205898", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205898" }, { "category": "external", "summary": "1205918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205918" }, { "category": "external", "summary": "1205919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205919" }, { "category": "external", "summary": "1205920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205920" }, { "category": "external", "summary": "1206016", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206016" }, { "category": "external", "summary": "1206022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206022" }, { "category": "external", "summary": "1206023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206023" }, { "category": "external", "summary": "1206028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206028" }, { "category": "external", "summary": "1206122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206122" }, { "category": "external", "summary": "1206124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206124" }, { "category": "external", "summary": "1206141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206141" }, { "category": "external", "summary": "1206142", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206142" }, { "category": "external", "summary": "1206204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206204" }, { "category": "external", "summary": "1206263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206263" }, { "category": "external", "summary": "1206662", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206662" }, { "category": "external", "summary": "1206672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206672" }, { "category": "external", "summary": "1206675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206675" }, { "category": "external", "summary": "1206687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206687" }, { "category": "external", "summary": "1206727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206727" }, { "category": "external", "summary": "1206729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206729" }, { "category": "external", "summary": "1207018", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207018" }, { "category": "external", "summary": "1207112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207112" }, { "category": "external", "summary": "1207209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207209" }, { "category": "external", "summary": "1207259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207259" }, { "category": "external", "summary": "1207298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207298" }, { "category": "external", "summary": "1207313", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207313" }, { "category": "external", "summary": "1207631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207631" }, { "category": "external", "summary": "1207641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207641" }, { "category": "external", "summary": "1207788", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207788" }, { "category": "external", "summary": "1207842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207842" }, { "category": "external", "summary": "1207859", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207859" }, { "category": "external", "summary": "1207865", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207865" }, { "category": "external", "summary": "1207895", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207895" }, { "category": "external", "summary": "1208129", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208129" }, { "category": "external", "summary": "1208152", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208152" }, { "category": "external", "summary": "1208258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208258" }, { "category": "external", "summary": "1208642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208642" }, { "category": "external", "summary": "1208698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208698" }, { "category": "external", "summary": "1208852", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208852" }, { "category": "external", "summary": "1209015", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209015" }, { "category": "external", "summary": "1209262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209262" }, { "category": "external", "summary": "1209421", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209421" }, { "category": "external", "summary": "1209557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209557" }, { "category": "external", "summary": "1209629", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209629" }, { "category": "external", "summary": "1209641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209641" }, { "category": "external", "summary": "1209642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209642" }, { "category": "external", "summary": "1209711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209711" }, { "category": "external", "summary": "1209756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209756" }, { "category": "external", "summary": "1209847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209847" }, { "category": "external", "summary": "1209945", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209945" }, { "category": "external", "summary": "1210089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210089" }, { "category": "external", "summary": "1210094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210094" }, { "category": "external", "summary": "1210277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210277" }, { "category": "external", "summary": "1210376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210376" }, { "category": "external", "summary": "1210385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210385" }, { "category": "external", "summary": "1210507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210507" }, { "category": "external", "summary": "1210761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210761" }, { "category": "external", "summary": "1211121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211121" }, { "category": "external", "summary": "1211125", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211125" }, { "category": "external", "summary": "1211209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211209" }, { "category": "external", "summary": "1211241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211241" }, { "category": "external", "summary": "1211249", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211249" }, { "category": "external", "summary": "1211306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211306" }, { "category": "external", "summary": "1211308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211308" }, { "category": "external", "summary": "1211364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211364" }, { "category": "external", "summary": "1211385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211385" }, { "category": "external", "summary": "1211392", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211392" }, { "category": "external", "summary": "1211409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211409" }, { "category": "external", "summary": "1211410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211410" }, { "category": "external", "summary": "1211489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211489" }, { "category": "external", "summary": "1211553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211553" }, { "category": "external", "summary": "1211592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211592" }, { "category": "external", "summary": "1211620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211620" }, { "category": "external", "summary": "1211652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211652" }, { "category": "external", "summary": "1211687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211687" }, { "category": "external", "summary": "1211693", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211693" }, { "category": "external", "summary": "1212052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212052" }, { "category": "external", "summary": "1212123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212123" }, { "category": "external", "summary": "1212164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212164" }, { "category": "external", "summary": "1212382", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212382" }, { "category": "external", "summary": "1212411", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212411" }, { "category": "external", "summary": "1212423", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212423" }, { "category": "external", "summary": "1212428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212428" }, { "category": "external", "summary": "1212466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212466" }, { "category": "external", "summary": "1212534", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212534" }, { "category": "external", "summary": "1212656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212656" }, { "category": "external", "summary": "1212687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212687" }, { "category": "external", "summary": "1212778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212778" }, { "category": "external", "summary": "1213014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213014" }, { "category": "external", "summary": "1213044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213044" }, { "category": "external", "summary": "1213145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213145" }, { "category": "external", "summary": "1213378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213378" }, { "category": "external", "summary": "1213533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213533" }, { "category": "external", "summary": "1213553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213553" }, { "category": "external", "summary": "1213570", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213570" }, { "category": "external", "summary": "1213853", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213853" }, { "category": "external", "summary": "1213863", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213863" }, { "category": "external", "summary": "1213874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213874" }, { "category": "external", "summary": "1213939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213939" }, { "category": "external", "summary": "1214005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214005" }, { "category": "external", "summary": "1214012", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214012" }, { "category": "external", "summary": "1214081", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214081" }, { "category": "external", "summary": "1214204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214204" }, { "category": "external", "summary": "1214543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214543" }, { "category": "external", "summary": "1214680", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214680" }, { "category": "external", "summary": "1214690", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214690" }, { "category": "external", "summary": "1214725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214725" }, { "category": "external", "summary": "1214776", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214776" }, { "category": "external", "summary": "1214833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214833" }, { "category": "external", "summary": "1214925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214925" }, { "category": "external", "summary": "1215216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215216" }, { "category": "external", "summary": "1215272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215272" }, { "category": "external", "summary": "1215285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215285" }, { "category": "external", "summary": "1215566", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215566" }, { "category": "external", "summary": "1215615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215615" }, { "category": "external", "summary": "1215812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215812" }, { "category": "external", "summary": "1216005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216005" }, { "category": "external", "summary": "1216157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216157" }, { "category": "external", "summary": "1216209", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216209" }, { "category": "external", "summary": "1216210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216210" }, { "category": "external", "summary": "1216222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216222" }, { "category": "external", "summary": "1216224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216224" }, { "category": "external", "summary": "1216969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216969" }, { "category": "external", "summary": "1216978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216978" }, { "category": "external", "summary": "1217161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217161" }, { "category": "external", "summary": "1217195", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217195" }, { "category": "external", "summary": "1217216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217216" }, { "category": "external", "summary": "1217253", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217253" }, { "category": "external", "summary": "1217257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217257" }, { "category": "external", "summary": "1217262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217262" }, { "category": "external", "summary": "1217324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217324" }, { "category": "external", "summary": "1217336", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217336" }, { "category": "external", "summary": "1217348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217348" }, { "category": "external", "summary": "1217391", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217391" }, { "category": "external", "summary": "1217394", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217394" }, { "category": "external", "summary": "1217532", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217532" }, { "category": "external", "summary": "1217597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217597" }, { "category": "external", "summary": "1217601", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217601" }, { "category": "external", "summary": "1217637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217637" }, { "category": "external", "summary": "1217812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217812" }, { "category": "external", "summary": "1217818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1217818" }, { "category": "external", "summary": "1218406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218406" }, { "category": "external", "summary": "1218429", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218429" }, { "category": "external", "summary": "1218436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218436" }, { "category": "external", "summary": "1218441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218441" }, { "category": "external", "summary": "1218607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218607" }, { "category": "external", "summary": "1218786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218786" }, { "category": "external", "summary": "1218944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218944" }, { "category": "external", "summary": "1219019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219019" }, { "category": "external", "summary": "1219098", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219098" }, { "category": "external", "summary": "1219171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219171" }, { "category": "external", "summary": "1219329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219329" }, { "category": "external", "summary": "1219439", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219439" }, { "category": "external", "summary": "1219614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219614" }, { "category": "external", "summary": "1219642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219642" }, { "category": "external", "summary": "1220383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1220383" }, { "category": "external", "summary": "1220516", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1220516" }, { "category": "external", "summary": "1220882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1220882" }, { "category": "external", "summary": "1220901", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1220901" }, { "category": "external", "summary": "1221299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221299" }, { "category": "external", "summary": "1221324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221324" }, { "category": "external", "summary": "1221366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221366" }, { "category": "external", "summary": "1221479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221479" }, { "category": "external", "summary": "1221510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221510" }, { "category": "external", "summary": "1221716", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221716" }, { "category": "external", "summary": "1222035", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222035" }, { "category": "external", "summary": "1222138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222138" }, { "category": "external", "summary": "1222615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222615" }, { "category": "external", "summary": "1222616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222616" }, { "category": "external", "summary": "1223042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223042" }, { "category": "external", "summary": "1223835", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223835" }, { "category": "external", "summary": "1223934", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223934" }, { "category": "external", "summary": "1225173", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225173" }, { "category": "external", "summary": "1225178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225178" }, { "category": "external", "summary": "1225205", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225205" }, { "category": "external", "summary": "1225377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225377" }, { "category": "external", "summary": "1225662", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225662" }, { "category": "external", "summary": "1226428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1226428" }, { "category": "external", "summary": "1227441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227441" }, { "category": "external", "summary": "1228407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228407" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhba-2015_1100.json" } ], "title": "Red Hat Bug Fix Advisory: CFME 5.4.0 bug fixes, and enhancement update", "tracking": { "current_release_date": "2024-11-22T08:32:10+00:00", "generator": { "date": "2024-11-22T08:32:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHBA-2015:1100", "initial_release_date": "2015-06-16T12:28:42+00:00", "revision_history": [ { "date": "2015-06-16T12:28:42+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-06-16T12:28:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T08:32:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "CloudForms Management Engine 5.4", "product": { "name": "CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6" } } } ], "category": "product_family", "name": "Red Hat CloudForms" }, { "branches": [ { "category": "product_version", "name": "open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "product": { "name": "open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "product_id": "open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/open-vm-tools-desktop@9.2.3-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "open-vm-tools-0:9.2.3-5.el6cf.x86_64", "product": { "name": "open-vm-tools-0:9.2.3-5.el6cf.x86_64", "product_id": "open-vm-tools-0:9.2.3-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/open-vm-tools@9.2.3-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "product": { "name": "open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "product_id": "open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/open-vm-tools-debuginfo@9.2.3-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "product": { "name": "open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "product_id": "open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/open-vm-tools-devel@9.2.3-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "pyliblzma-0:0.5.3-7.el6cf.x86_64", "product": { "name": "pyliblzma-0:0.5.3-7.el6cf.x86_64", "product_id": "pyliblzma-0:0.5.3-7.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pyliblzma@0.5.3-7.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "product": { "name": "pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "product_id": "pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/pyliblzma-debuginfo@0.5.3-7.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "product": { "name": "libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "product_id": "libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libdnet-debuginfo@1.12-11.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "libdnet-0:1.12-11.el6cf.x86_64", "product": { "name": "libdnet-0:1.12-11.el6cf.x86_64", "product_id": "libdnet-0:1.12-11.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libdnet@1.12-11.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "libdnet-progs-0:1.12-11.el6cf.x86_64", "product": { "name": "libdnet-progs-0:1.12-11.el6cf.x86_64", "product_id": "libdnet-progs-0:1.12-11.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libdnet-progs@1.12-11.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "libdnet-devel-0:1.12-11.el6cf.x86_64", "product": { "name": "libdnet-devel-0:1.12-11.el6cf.x86_64", "product_id": "libdnet-devel-0:1.12-11.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/libdnet-devel@1.12-11.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "prince-0:9.0r2-4.el6cf.x86_64", "product": { "name": "prince-0:9.0r2-4.el6cf.x86_64", "product_id": "prince-0:9.0r2-4.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prince@9.0r2-4.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "product": { "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "product_id": "netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/netapp-manageability-sdk@4.0P1-3.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "product": { "name": "netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "product_id": "netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/netapp-manageability-sdk-devel@4.0P1-3.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "product": { "name": "cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "product_id": "cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-vnc-plugin-debuginfo@1.0.0-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "product": { "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "product_id": "cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-vnc-plugin@1.0.0-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "product": { "name": "lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "product_id": "lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lshw-debuginfo@B.02.16-4.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "lshw-gui-0:B.02.16-4.el6cf.x86_64", "product": { "name": "lshw-gui-0:B.02.16-4.el6cf.x86_64", "product_id": "lshw-gui-0:B.02.16-4.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lshw-gui@B.02.16-4.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "lshw-0:B.02.16-4.el6cf.x86_64", "product": { "name": "lshw-0:B.02.16-4.el6cf.x86_64", "product_id": "lshw-0:B.02.16-4.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lshw@B.02.16-4.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "product": { "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "product_id": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-qpid_messaging@0.20.2-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "product": { "name": "ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "product_id": "ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-qpid_messaging-debuginfo@0.20.2-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "wmi-debuginfo-0:1.3.14-1.el6cf.x86_64", "product": { "name": "wmi-debuginfo-0:1.3.14-1.el6cf.x86_64", "product_id": "wmi-debuginfo-0:1.3.14-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/wmi-debuginfo@1.3.14-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "wmi-0:1.3.14-1.el6cf.x86_64", "product": { "name": "wmi-0:1.3.14-1.el6cf.x86_64", "product_id": "wmi-0:1.3.14-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/wmi@1.3.14-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "product": { "name": "ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "product_id": "ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-pg-debuginfo@0.12.2-9.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "product": { "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "product_id": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-pg@0.12.2-9.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "product_id": "ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-eventmachine-debuginfo@1.0.7-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "product_id": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-eventmachine@1.0.7-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "product_id": "ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-json-debuginfo@1.8.2-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "product_id": "ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-json@1.8.2-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "product_id": "ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-nokogiri-debuginfo@1.5.11-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "product_id": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-nokogiri@1.5.11-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "product_id": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-bcrypt-ruby@3.0.1-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "product": { "name": "ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "product_id": "ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-bcrypt-ruby-debuginfo@3.0.1-2.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "product_id": "ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-io-extra-debuginfo@1.2.8-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "product_id": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-io-extra@1.2.8-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "product_id": "ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-psych-debuginfo@2.0.13-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "product_id": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-psych@2.0.13-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "product_id": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-ffi@1.9.8-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "product": { "name": "ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "product_id": "ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-ffi-debuginfo@1.9.8-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "product": { "name": "ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "product_id": "ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-thin-debuginfo@1.3.1-9.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "product": { "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "product_id": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-thin@1.3.1-9.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "product": { "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "product_id": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-therubyracer@0.11.0-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "product": { "name": "ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "product_id": "ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-therubyracer-debuginfo@0.11.0-5.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "product": { "name": "cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "product_id": "cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-lib@5.4.0.5-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "product": { "name": "cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "product_id": "cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-debuginfo@5.4.0.5-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "product": { "name": "cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "product_id": "cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-appliance@5.4.0.5-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-0:5.4.0.5-1.el6cf.x86_64", "product": { "name": "cfme-0:5.4.0.5-1.el6cf.x86_64", "product_id": "cfme-0:5.4.0.5-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme@5.4.0.5-1.el6cf?arch=x86_64" } } }, { "category": "product_version", "name": "cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "product": { "name": "cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "product_id": "cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-gemset@5.4.0.5-1.el6cf?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "open-vm-tools-0:9.2.3-5.el6cf.src", "product": { "name": "open-vm-tools-0:9.2.3-5.el6cf.src", "product_id": "open-vm-tools-0:9.2.3-5.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/open-vm-tools@9.2.3-5.el6cf?arch=src" } } }, { "category": "product_version", "name": "sneakernet_ca-0:0.1-2.el6cf.src", "product": { "name": "sneakernet_ca-0:0.1-2.el6cf.src", "product_id": "sneakernet_ca-0:0.1-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/sneakernet_ca@0.1-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "pyliblzma-0:0.5.3-7.el6cf.src", "product": { "name": "pyliblzma-0:0.5.3-7.el6cf.src", "product_id": "pyliblzma-0:0.5.3-7.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/pyliblzma@0.5.3-7.el6cf?arch=src" } } }, { "category": "product_version", "name": "libdnet-0:1.12-11.el6cf.src", "product": { "name": "libdnet-0:1.12-11.el6cf.src", "product_id": "libdnet-0:1.12-11.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/libdnet@1.12-11.el6cf?arch=src" } } }, { "category": "product_version", "name": "prince-0:9.0r2-4.el6cf.src", "product": { "name": "prince-0:9.0r2-4.el6cf.src", "product_id": "prince-0:9.0r2-4.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/prince@9.0r2-4.el6cf?arch=src" } } }, { "category": "product_version", "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "product": { "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "product_id": "netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/netapp-manageability-sdk@4.0P1-3.el6cf?arch=src" } } }, { "category": "product_version", "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "product": { "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "product_id": "cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-vnc-plugin@1.0.0-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "lshw-0:B.02.16-4.el6cf.src", "product": { "name": "lshw-0:B.02.16-4.el6cf.src", "product_id": "lshw-0:B.02.16-4.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/lshw@B.02.16-4.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "product": { "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "product_id": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-qpid_messaging@0.20.2-5.el6cf?arch=src" } } }, { "category": "product_version", "name": "wmi-0:1.3.14-1.el6cf.src", "product": { "name": "wmi-0:1.3.14-1.el6cf.src", "product_id": "wmi-0:1.3.14-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/wmi@1.3.14-1.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "product": { "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "product_id": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-pg@0.12.2-9.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "product": { "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "product_id": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-eventmachine@1.0.7-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "product": { "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "product_id": "ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-json@1.8.2-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "product": { "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "product_id": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-nokogiri@1.5.11-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "product": { "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "product_id": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-bcrypt-ruby@3.0.1-2.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "product": { "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "product_id": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-io-extra@1.2.8-1.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "product": { "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "product_id": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-psych@2.0.13-1.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "product": { "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "product_id": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-ffi@1.9.8-1.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "product": { "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "product_id": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-thin@1.3.1-9.el6cf?arch=src" } } }, { "category": "product_version", "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "product": { "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "product_id": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ruby200-rubygem-therubyracer@0.11.0-5.el6cf?arch=src" } } }, { "category": "product_version", "name": "cfme-0:5.4.0.5-1.el6cf.src", "product": { "name": "cfme-0:5.4.0.5-1.el6cf.src", "product_id": "cfme-0:5.4.0.5-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme@5.4.0.5-1.el6cf?arch=src" } } }, { "category": "product_version", "name": "cfme-gemset-0:5.4.0.5-1.el6cf.src", "product": { "name": "cfme-gemset-0:5.4.0.5-1.el6cf.src", "product_id": "cfme-gemset-0:5.4.0.5-1.el6cf.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cfme-gemset@5.4.0.5-1.el6cf?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "sneakernet_ca-0:0.1-2.el6cf.noarch", "product": { "name": "sneakernet_ca-0:0.1-2.el6cf.noarch", "product_id": "sneakernet_ca-0:0.1-2.el6cf.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/sneakernet_ca@0.1-2.el6cf?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cfme-0:5.4.0.5-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src" }, "product_reference": "cfme-0:5.4.0.5-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-0:5.4.0.5-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64" }, "product_reference": "cfme-0:5.4.0.5-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-appliance-0:5.4.0.5-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64" }, "product_reference": "cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64" }, "product_reference": "cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-gemset-0:5.4.0.5-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src" }, "product_reference": "cfme-gemset-0:5.4.0.5-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-gemset-0:5.4.0.5-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64" }, "product_reference": "cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-lib-0:5.4.0.5-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64" }, "product_reference": "cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src" }, "product_reference": "cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64" }, "product_reference": "cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64" }, "product_reference": "cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "libdnet-0:1.12-11.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src" }, "product_reference": "libdnet-0:1.12-11.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "libdnet-0:1.12-11.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64" }, "product_reference": "libdnet-0:1.12-11.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "libdnet-debuginfo-0:1.12-11.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64" }, "product_reference": "libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "libdnet-devel-0:1.12-11.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64" }, "product_reference": "libdnet-devel-0:1.12-11.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "libdnet-progs-0:1.12-11.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64" }, "product_reference": "libdnet-progs-0:1.12-11.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "lshw-0:B.02.16-4.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src" }, "product_reference": "lshw-0:B.02.16-4.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "lshw-0:B.02.16-4.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64" }, "product_reference": "lshw-0:B.02.16-4.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "lshw-debuginfo-0:B.02.16-4.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64" }, "product_reference": "lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "lshw-gui-0:B.02.16-4.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64" }, "product_reference": "lshw-gui-0:B.02.16-4.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src" }, "product_reference": "netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64" }, "product_reference": "netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64" }, "product_reference": "netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "open-vm-tools-0:9.2.3-5.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src" }, "product_reference": "open-vm-tools-0:9.2.3-5.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "open-vm-tools-0:9.2.3-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64" }, "product_reference": "open-vm-tools-0:9.2.3-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64" }, "product_reference": "open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64" }, "product_reference": "open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64" }, "product_reference": "open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "prince-0:9.0r2-4.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src" }, "product_reference": "prince-0:9.0r2-4.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "prince-0:9.0r2-4.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64" }, "product_reference": "prince-0:9.0r2-4.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "pyliblzma-0:0.5.3-7.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src" }, "product_reference": "pyliblzma-0:0.5.3-7.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "pyliblzma-0:0.5.3-7.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64" }, "product_reference": "pyliblzma-0:0.5.3-7.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64" }, "product_reference": "pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src" }, "product_reference": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src" }, "product_reference": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src" }, "product_reference": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src" }, "product_reference": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src" }, "product_reference": "ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src" }, "product_reference": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src" }, "product_reference": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src" }, "product_reference": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src" }, "product_reference": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src" }, "product_reference": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src" }, "product_reference": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64" }, "product_reference": "ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "sneakernet_ca-0:0.1-2.el6cf.noarch as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch" }, "product_reference": "sneakernet_ca-0:0.1-2.el6cf.noarch", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "sneakernet_ca-0:0.1-2.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src" }, "product_reference": "sneakernet_ca-0:0.1-2.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "wmi-0:1.3.14-1.el6cf.src as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src" }, "product_reference": "wmi-0:1.3.14-1.el6cf.src", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "wmi-0:1.3.14-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64" }, "product_reference": "wmi-0:1.3.14-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" }, { "category": "default_component_of", "full_product_name": { "name": "wmi-debuginfo-0:1.3.14-1.el6cf.x86_64 as a component of CloudForms Management Engine 5.4", "product_id": "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" }, "product_reference": "wmi-debuginfo-0:1.3.14-1.el6cf.x86_64", "relates_to_product_reference": "6Server-CFME-5.4" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Ruby on Rails project" ] }, { "names": [ "Aaron Neyer" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2013-4389", "cwe": { "id": "CWE-134", "name": "Use of Externally-Controlled Format String" }, "discovery_date": "2013-09-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1013913" } ], "notes": [ { "category": "description", "text": "Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-actionmailer: email address processing DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nThis issue did not affect the versions of rubygem-actionmailer as shipped with Red Hat Subscription Asset Manager 1 as they do not include support for sending email using user supplied addresses.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4389" }, { "category": "external", "summary": "RHBZ#1013913", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013913" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4389", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4389" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389" } ], "release_date": "2013-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-06-16T12:28:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2015:1100" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "rubygem-actionmailer: email address processing DoS" }, { "cve": "CVE-2013-4492", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2013-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1039435" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-i18n: cross-site scripting flaw in exception handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4492" }, { "category": "external", "summary": "RHBZ#1039435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039435" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4492", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4492" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492" } ], "release_date": "2013-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-06-16T12:28:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2015:1100" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rubygem-i18n: cross-site scripting flaw in exception handling" }, { "acknowledgments": [ { "names": [ "Ruby on Rails project" ] } ], "cve": "CVE-2014-7819", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2014-10-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1161527" } ], "notes": [ { "category": "description", "text": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-sprockets: arbitrary file existence disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-7819" }, { "category": "external", "summary": "RHBZ#1161527", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-7819", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7819" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY", "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" } ], "release_date": "2014-10-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-06-16T12:28:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2015:1100" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "rubygem-sprockets: arbitrary file existence disclosure" }, { "cve": "CVE-2015-1820", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2015-03-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1205291" } ], "notes": [ { "category": "description", "text": "REST client for Ruby (aka rest-client) before 1.8.0 allows remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-1820" }, { "category": "external", "summary": "RHBZ#1205291", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205291" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-1820", "url": "https://www.cve.org/CVERecord?id=CVE-2015-1820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820" } ], "release_date": "2015-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-06-16T12:28:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2015:1100" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses" }, { "cve": "CVE-2015-3448", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2015-04-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1240982" } ], "notes": [ { "category": "description", "text": "REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-rest-client: unsanitized application logging", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3448" }, { "category": "external", "summary": "RHBZ#1240982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240982" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3448", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3448" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448" } ], "release_date": "2015-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-06-16T12:28:42+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "category": "workaround", "details": "The permissions on log files can be changed, e.g. using \"chmod o-rwx\" to prevent anyone but the user and group owner of the file from reading it. Additionally the group permissions can also be removed, e.g. \"chmod g-rwx\" if only the user owning the file should be able to see it.", "product_ids": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-appliance-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-debuginfo-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.src", "6Server-CFME-5.4:cfme-gemset-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-lib-0:5.4.0.5-1.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.src", "6Server-CFME-5.4:cfme-vnc-plugin-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:cfme-vnc-plugin-debuginfo-0:1.0.0-2.el6cf.x86_64", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.src", "6Server-CFME-5.4:libdnet-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-debuginfo-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-devel-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:libdnet-progs-0:1.12-11.el6cf.x86_64", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.src", "6Server-CFME-5.4:lshw-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-debuginfo-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:lshw-gui-0:B.02.16-4.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.src", "6Server-CFME-5.4:netapp-manageability-sdk-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:netapp-manageability-sdk-devel-0:4.0P1-3.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.src", "6Server-CFME-5.4:open-vm-tools-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-debuginfo-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-desktop-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:open-vm-tools-devel-0:9.2.3-5.el6cf.x86_64", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.src", "6Server-CFME-5.4:prince-0:9.0r2-4.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.src", "6Server-CFME-5.4:pyliblzma-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:pyliblzma-debuginfo-0:0.5.3-7.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-bcrypt-ruby-debuginfo-0:3.0.1-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-eventmachine-debuginfo-0:1.0.7-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-ffi-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-ffi-debuginfo-0:1.9.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-io-extra-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-io-extra-debuginfo-0:1.2.8-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-json-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-json-debuginfo-0:1.8.2-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-nokogiri-debuginfo-0:1.5.11-2.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-pg-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-pg-debuginfo-0:0.12.2-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-psych-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-psych-debuginfo-0:2.0.13-1.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-qpid_messaging-debuginfo-0:0.20.2-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-therubyracer-debuginfo-0:0.11.0-5.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.src", "6Server-CFME-5.4:ruby200-rubygem-thin-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:ruby200-rubygem-thin-debuginfo-0:1.3.1-9.el6cf.x86_64", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.noarch", "6Server-CFME-5.4:sneakernet_ca-0:0.1-2.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.src", "6Server-CFME-5.4:wmi-0:1.3.14-1.el6cf.x86_64", "6Server-CFME-5.4:wmi-debuginfo-0:1.3.14-1.el6cf.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "rubygem-rest-client: unsanitized application logging" } ] }
ghsa-33pp-3763-mrfp
Vulnerability from github
Published
2017-10-24 18:33
Modified
2023-03-01 18:54
Summary
sprockets vulnerable to Path Traversal
Details
Multiple directory traversal vulnerabilities in server.rb
in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
{ "affected": [ { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.0.5" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.1.0" }, { "fixed": "2.1.4" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.2.0" }, { "fixed": "2.2.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.3.0" }, { "fixed": "2.3.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.6" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.6.0" }, { "fixed": "2.7.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.8.0" }, { "fixed": "2.8.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.9.0" }, { "fixed": "2.9.4" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.10.0" }, { "fixed": "2.10.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.11.0" }, { "fixed": "2.11.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "RubyGems", "name": "sprockets" }, "ranges": [ { "events": [ { "introduced": "2.12.0" }, { "fixed": "2.12.3" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2014-7819" ], "database_specific": { "cwe_ids": [ "CWE-22" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T20:53:55Z", "nvd_published_at": "2014-11-08T11:55:00Z", "severity": "MODERATE" }, "details": "Multiple directory traversal vulnerabilities in `server.rb` in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "id": "GHSA-33pp-3763-mrfp", "modified": "2023-03-01T18:54:54Z", "published": "2017-10-24T18:33:36Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "type": "WEB", "url": "https://access.redhat.com/security/cve/CVE-2014-7819" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527" }, { "type": "WEB", "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" }, { "type": "WEB", "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "type": "WEB", "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" } ], "schema_version": "1.4.0", "severity": [], "summary": "sprockets vulnerable to Path Traversal" }
gsd-2014-7819
Vulnerability from gsd
Modified
2014-10-30 00:00
Details
Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2014-7819", "description": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "id": "GSD-2014-7819", "references": [ "https://www.suse.com/security/cve/CVE-2014-7819.html", "https://access.redhat.com/errata/RHBA-2015:1100", "https://advisories.mageia.org/CVE-2014-7819.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "affected": [ { "package": { "ecosystem": "RubyGems", "name": "sprockets", "purl": "pkg:gem/sprockets" } } ], "aliases": [ "CVE-2014-7819", "OSVDB-113965" ], "details": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "id": "GSD-2014-7819", "modified": "2014-10-30T00:00:00.000Z", "published": "2014-10-30T00:00:00.000Z", "references": [ { "type": "WEB", "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" } ], "schema_version": "1.4.0", "severity": [ { "score": 5.0, "type": "CVSS_V2" } ], "summary": "CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-7819", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "name": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ", "refsource": "MISC", "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "name": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ", "refsource": "MISC", "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" } ] } }, "github.com/rubysec/ruby-advisory-db": { "cve": "2014-7819", "cvss_v2": 5.0, "date": "2014-10-30", "description": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "gem": "sprockets", "osvdb": 113965, "patched_versions": [ "~\u003e 2.0.5", "~\u003e 2.1.4", "~\u003e 2.2.3", "~\u003e 2.3.3", "~\u003e 2.4.6", "~\u003e 2.5.1", "~\u003e 2.7.1", "~\u003e 2.8.3", "~\u003e 2.9.4", "~\u003e 2.10.2", "~\u003e 2.11.3", "~\u003e 2.12.3", "\u003e= 3.0.0.beta.3" ], "title": "CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure", "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" }, "gitlab.com": { "advisories": [ { "affected_range": "\u003e=3.0.0a \u003c3.0.0.beta.3||\u003e=2.12.0a \u003c2.12.3||\u003e=2.11.0a \u003c2.11.3||\u003e=2.10.0a \u003c2.10.2||\u003e=2.9.0a \u003c2.9.4||\u003e=2.8.0a \u003c2.8.3||\u003e=2.7.0a \u003c2.7.1||\u003e=2.5.0a \u003c2.5.1||\u003e=2.4.0a \u003c2.4.6||\u003e=2.3.0a \u003c2.3.3||\u003e=2.2.0a \u003c2.2.3||\u003e=2.1.0a \u003c2.1.4||\u003e=2.0.0 \u003c2.0.5", "affected_versions": "All versions starting from 3.0.0a before 3.0.0.beta.3, all versions starting from 2.12.0a before 2.12.3, all versions starting from 2.11.0a before 2.11.3, all versions starting from 2.10.0a before 2.10.2, all versions starting from 2.9.0a before 2.9.4, all versions starting from 2.8.0a before 2.8.3, all versions starting from 2.7.0a before 2.7.1, all versions starting from 2.5.0a before 2.5.1, all versions starting from 2.4.0a before 2.4.6, all versions starting from 2.3.0a before 2.3.3, all versions starting from 2.2.0a before 2.2.3, all versions starting from 2.1.0a before 2.1.4, all versions starting from 2.0.0 before 2.0.5", "credit": "Eaden McKee, Dennis Hackethal \u0026 Christian Hansen of Crowdcurity, Juan C. M\u00fcller \u0026 Mike McClurg of Greenhouse.io and Alex Ianus of Coinbase", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "cwe_ids": [ "CWE-1035", "CWE-22", "CWE-937" ], "date": "2018-12-18", "description": "Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside an application\u0027s root directory. The files will not be served, but attackers can determine whether the file exists.", "fixed_versions": [ "2.0.5", "2.1.4", "2.10.2", "2.11.3", "2.12.3", "2.2.3", "2.3.3", "2.4.6", "2.5.1", "2.7.1", "2.8.3", "2.9.4", "3.0.0.beta.3" ], "identifier": "CVE-2014-7819", "identifiers": [ "CVE-2014-7819" ], "package_slug": "gem/sprockets", "pubdate": "2014-11-08", "solution": "Upgrade to latest or use workaround.\r\n\r\nIn Rails applications, work around this issue, set config.serve_static_assets = false in an initializer. This work around will not be possible in all hosting environments and upgrading is advised.", "title": "Arbitrary file existence disclosure", "urls": [ "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" ], "uuid": "e6fce8ce-942c-40c0-93ae-e570d32bbac7" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:2.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.5", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.4", "versionStartIncluding": "2.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.3", "versionStartIncluding": "2.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.3", "versionStartIncluding": "2.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.4.6", "versionStartIncluding": "2.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.5.1", "versionStartIncluding": "2.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.1", "versionStartIncluding": "2.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.8.3", "versionStartIncluding": "2.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.9.4", "versionStartIncluding": "2.9.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.10.2", "versionStartIncluding": "2.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.11.3", "versionStartIncluding": "2.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.12.3", "versionStartIncluding": "2.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-7819" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-22" } ] } ] }, "references": { "reference_data": [ { "name": "[rubyonrails-security] 20141030 Arbitrary file existence disclosure in Sprockets (CVE-2014-7819)", "refsource": "MLIST", "tags": [ "Third Party Advisory" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" }, { "name": "[rubyonrails-security] 20141030 [AMENDED] [CVE-2014-7819] Arbitrary file existence disclosure in Sprockets", "refsource": "MLIST", "tags": [ "Third Party Advisory" ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "name": "openSUSE-SU-2014:1513", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "name": "openSUSE-SU-2014:1514", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "name": "openSUSE-SU-2014:1504", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "name": "openSUSE-SU-2014:1502", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2023-02-13T00:42Z", "publishedDate": "2014-11-08T11:55Z" } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.