https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Bug ID: 1578578 Summary: CVE-2018-1257 spring-framework: ReDoS Attack with spring-messaging Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team@redhat.com Reporter: lpardo@redhat.com CC: aileenc@redhat.com, alazarot@redhat.com, anstephe@redhat.com, apevec@redhat.com, bkundal@redhat.com, bmaxwell@redhat.com, cdewolf@redhat.com, chazlett@redhat.com, chrisw@redhat.com, csutherl@redhat.com, darran.lofthouse@redhat.com, dchen@redhat.com, dffrench@redhat.com, dimitris@redhat.com, dosoudil@redhat.com, drieden@redhat.com, drusso@redhat.com, etirelli@redhat.com, gvarsami@redhat.com, hghasemb@redhat.com, ibek@redhat.com, java-sig-commits@lists.fedoraproject.org, jawilson@redhat.com, jcoleman@redhat.com, jjoyce@redhat.com, jmadigan@redhat.com, jolee@redhat.com, jschatte@redhat.com, jschluet@redhat.com, jshepherd@redhat.com, jstastny@redhat.com, kbasil@redhat.com, kconner@redhat.com, kverlaen@redhat.com, ldimaggi@redhat.com, lef@fedoraproject.org, lgao@redhat.com, lgriffin@redhat.com, lhh@redhat.com, lpeer@redhat.com, lpetrovi@redhat.com, markmc@redhat.com, mburns@redhat.com, mkolesni@redhat.com, myarboro@redhat.com, ngough@redhat.com, nwallace@redhat.com, nyechiel@redhat.com, paradhya@redhat.com, pavelp@redhat.com, pgier@redhat.com, psakar@redhat.com, pslavice@redhat.com, pszubiak@redhat.com, puntogil@libero.it, pwright@redhat.com, rbryant@redhat.com, rhel8-maint@redhat.com, rnetuka@redhat.com, rrajasek@redhat.com, rsvoboda@redhat.com, rsynek@redhat.com, rwagner@redhat.com, rzhang@redhat.com, sclewis@redhat.com, sdaley@redhat.com, sisharma@redhat.com, slinaber@redhat.com, smohan@redhat.com, ssaha@redhat.com, tcunning@redhat.com, tdecacqu@redhat.com, tjay@redhat.com, tkirby@redhat.com, trepel@redhat.com, twalsh@redhat.com, vbellur@redhat.com, vhalbert@redhat.com, vtunka@redhat.com
A flaw was found in Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack.
References: https://pivotal.io/security/cve-2018-1257
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Laura Pardo lpardo@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1578580, 1578579
--- Comment #1 from Laura Pardo lpardo@redhat.com --- Created springframework tracking bugs for this issue:
Affects: fedora-all [bug 1578579]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1578579 [Bug 1578579] CVE-2018-1257 springframework: spring-framework: ReDoS Attack with spring-messaging [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Laura Pardo lpardo@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1578938
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Laura Pardo lpardo@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1578941
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Siddharth Sharma sisharma@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=new,amq-6/srping=new, |pring=notaffected,amq-6/srp |brms-5/srping=new,jdv-6/spr |ing=new,brms-5/srping=new,j |ing=new,fis-2/spring=new,fu |dv-6/spring=new,fis-2/sprin |se-6/spring=new,fuse-7/spri |g=new,fuse-6/spring=new,fus |ng=new,fsw-6/spring=new,rhm |e-7/spring=new,fsw-6/spring |ap-4/spring=new,soap-5/spri |=new,rhmap-4/spring=new,soa |ng=new,openstack-10/openday |p-5/spring=new,openstack-10 |light=new,openstack-11/open |/opendaylight=new,openstack |daylight=new,openstack-12/o |-11/opendaylight=new,openst |pendaylight=new,openstack-9 |ack-12/opendaylight=new,ope |/opendaylight=new,openstack |nstack-9/opendaylight=new,o |-13/opendaylight=new |penstack-13/opendaylight=ne | |w
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Hooman Broujerdi hghasemb@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=new,brms-5/srping=new,j |ing=new,brms-5/srping=new,j |dv-6/spring=new,fis-2/sprin |dv-6/spring=new,fis-2/sprin |g=new,fuse-6/spring=new,fus |g=affected,fuse-6/spring=ne |e-7/spring=new,fsw-6/spring |w,fuse-7/spring=affected,fs |=new,rhmap-4/spring=new,soa |w-6/spring=new,rhmap-4/spri |p-5/spring=new,openstack-10 |ng=new,soap-5/spring=new,op |/opendaylight=new,openstack |enstack-10/opendaylight=new |-11/opendaylight=new,openst |,openstack-11/opendaylight= |ack-12/opendaylight=new,ope |new,openstack-12/opendaylig |nstack-9/opendaylight=new,o |ht=new,openstack-9/opendayl |penstack-13/opendaylight=ne |ight=new,openstack-13/opend |w |aylight=new
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Hooman Broujerdi hghasemb@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=new,brms-5/srping=new,j |ing=new,brms-5/srping=new,j |dv-6/spring=new,fis-2/sprin |dv-6/spring=new,fis-2/sprin |g=affected,fuse-6/spring=ne |g=affected,fuse-6/spring=af |w,fuse-7/spring=affected,fs |fected,fuse-7/spring=affect |w-6/spring=new,rhmap-4/spri |ed,fsw-6/spring=new,rhmap-4 |ng=new,soap-5/spring=new,op |/spring=new,soap-5/spring=n |enstack-10/opendaylight=new |ew,openstack-10/opendayligh |,openstack-11/opendaylight= |t=new,openstack-11/opendayl |new,openstack-12/opendaylig |ight=new,openstack-12/opend |ht=new,openstack-9/opendayl |aylight=new,openstack-9/ope |ight=new,openstack-13/opend |ndaylight=new,openstack-13/ |aylight=new |opendaylight=new
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Hooman Broujerdi hghasemb@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=new,brms-5/srping=new,j |ing=notaffected,brms-5/srpi |dv-6/spring=new,fis-2/sprin |ng=new,jdv-6/spring=new,fis |g=affected,fuse-6/spring=af |-2/spring=affected,fuse-6/s |fected,fuse-7/spring=affect |pring=affected,fuse-7/sprin |ed,fsw-6/spring=new,rhmap-4 |g=affected,fsw-6/spring=not |/spring=new,soap-5/spring=n |affected,rhmap-4/spring=new |ew,openstack-10/opendayligh |,soap-5/spring=new,openstac |t=new,openstack-11/opendayl |k-10/opendaylight=new,opens |ight=new,openstack-12/opend |tack-11/opendaylight=new,op |aylight=new,openstack-9/ope |enstack-12/opendaylight=new |ndaylight=new,openstack-13/ |,openstack-9/opendaylight=n |opendaylight=new |ew,openstack-13/opendayligh | |t=new
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Jason Shepherd jshepherd@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=notaffected,brms-5/srpi |ing=notaffected,brms-5/srpi |ng=new,jdv-6/spring=new,fis |ng=new,jdv-6/spring=new,fis |-2/spring=affected,fuse-6/s |-2/spring=affected,fuse-6/s |pring=affected,fuse-7/sprin |pring=affected,fuse-7/sprin |g=affected,fsw-6/spring=not |g=affected,fsw-6/spring=not |affected,rhmap-4/spring=new |affected,rhmap-4/spring=not |,soap-5/spring=new,openstac |affected,soap-5/spring=new, |k-10/opendaylight=new,opens |openstack-10/opendaylight=n |tack-11/opendaylight=new,op |ew,openstack-11/opendayligh |enstack-12/opendaylight=new |t=new,openstack-12/opendayl |,openstack-9/opendaylight=n |ight=new,openstack-9/openda |ew,openstack-13/opendayligh |ylight=new,openstack-13/ope |t=new |ndaylight=new
--- Comment #5 from Jason Shepherd jshepherd@redhat.com --- RHMAP doesn't make sure of websocket stomp as described in https://docs.spring.io/spring/docs/current/spring-framework-reference/web.ht...
Marking RHMAP as not affected.
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Hooman Broujerdi hghasemb@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=notaffected,brms-5/srpi |ing=notaffected,brms-5/srpi |ng=new,jdv-6/spring=new,fis |ng=new,jdv-6/spring=new,fis |-2/spring=affected,fuse-6/s |-2/spring=affected,fuse-6/s |pring=affected,fuse-7/sprin |pring=notaffected,fuse-7/sp |g=affected,fsw-6/spring=not |ring=affected,fsw-6/spring= |affected,rhmap-4/spring=not |notaffected,rhmap-4/spring= |affected,soap-5/spring=new, |notaffected,soap-5/spring=n |openstack-10/opendaylight=n |ew,openstack-10/opendayligh |ew,openstack-11/opendayligh |t=new,openstack-11/opendayl |t=new,openstack-12/opendayl |ight=new,openstack-12/opend |ight=new,openstack-9/openda |aylight=new,openstack-9/ope |ylight=new,openstack-13/ope |ndaylight=new,openstack-13/ |ndaylight=new |opendaylight=new
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
James Hebden jhebden@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=notaffected,brms-5/srpi |ing=notaffected,brms-5/srpi |ng=new,jdv-6/spring=new,fis |ng=new,jdv-6/spring=new,fis |-2/spring=affected,fuse-6/s |-2/spring=affected,fuse-6/s |pring=notaffected,fuse-7/sp |pring=notaffected,fuse-7/sp |ring=affected,fsw-6/spring= |ring=affected,fsw-6/spring= |notaffected,rhmap-4/spring= |notaffected,rhmap-4/spring= |notaffected,soap-5/spring=n |notaffected,soap-5/spring=n |ew,openstack-10/opendayligh |ew,openstack-10/opendayligh |t=new,openstack-11/opendayl |t=notaffected,openstack-11/ |ight=new,openstack-12/opend |opendaylight=notaffected,op |aylight=new,openstack-9/ope |enstack-12/opendaylight=not |ndaylight=new,openstack-13/ |affected,openstack-9/openda |opendaylight=new |ylight=notaffected,openstac | |k-13/opendaylight=notaffect | |ed Last Closed| |2018-05-25 00:07:39
--- Comment #6 from James Hebden jhebden@redhat.com --- ODL does not use WebSocket STOMP in any packaged components for any RHOSP release. Marked not affected.
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
James Hebden jhebden@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |NEW Resolution|WONTFIX |--- Keywords| |Reopened
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Kunjan Rathod krathod@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/srp |ing=notaffected,brms-5/srpi |ing=notaffected,brms-5/srpi |ng=new,jdv-6/spring=new,fis |ng=notaffected,jdv-6/spring |-2/spring=affected,fuse-6/s |=new,fis-2/spring=affected, |pring=notaffected,fuse-7/sp |fuse-6/spring=notaffected,f |ring=affected,fsw-6/spring= |use-7/spring=affected,fsw-6 |notaffected,rhmap-4/spring= |/spring=notaffected,rhmap-4 |notaffected,soap-5/spring=n |/spring=notaffected,soap-5/ |ew,openstack-10/opendayligh |spring=new,openstack-10/ope |t=notaffected,openstack-11/ |ndaylight=notaffected,opens |opendaylight=notaffected,op |tack-11/opendaylight=notaff |enstack-12/opendaylight=not |ected,openstack-12/opendayl |affected,openstack-9/openda |ight=notaffected,openstack- |ylight=notaffected,openstac |9/opendaylight=notaffected, |k-13/opendaylight=notaffect |openstack-13/opendaylight=n |ed |otaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
claprun@redhat.com claprun@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |claprun@redhat.com
--- Comment #9 from claprun@redhat.com claprun@redhat.com --- Shouldn't this be marked as high as that's how it's marked by Pivotal on its CVE?
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Adam Mariš amaris@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |krathod@redhat.com Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=new,rhes-3/s |pring=notaffected,amq-6/srp |pring=notaffected,amq-6/spr |ing=notaffected,brms-5/srpi |ing=notaffected,brms-5/spri |ng=notaffected,jdv-6/spring |ng=notaffected,jdv-6/spring |=new,fis-2/spring=affected, |=new,fis-2/spring=affected, |fuse-6/spring=notaffected,f |fuse-6/spring=notaffected,f |use-7/spring=affected,fsw-6 |use-7/spring=affected,fsw-6 |/spring=notaffected,rhmap-4 |/spring=notaffected,rhmap-4 |/spring=notaffected,soap-5/ |/spring=notaffected,soap-5/ |spring=new,openstack-10/ope |spring=new,openstack-10/ope |ndaylight=notaffected,opens |ndaylight=notaffected,opens |tack-11/opendaylight=notaff |tack-11/opendaylight=notaff |ected,openstack-12/opendayl |ected,openstack-12/opendayl |ight=notaffected,openstack- |ight=notaffected,openstack- |9/opendaylight=notaffected, |9/opendaylight=notaffected, |openstack-13/opendaylight=n |openstack-13/opendaylight=n |otaffected |otaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
--- Comment #10 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Openshift Application Runtimes (text-only advisories)
Via RHSA-2018:1809 https://access.redhat.com/errata/RHSA-2018:1809
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
errata-xmlrpc errata-xmlrpc@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- External Bug ID| |Red Hat Product Errata | |RHSA-2018:1809
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
Bharti Kundal bkundal@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20180509, |impact=low,public=20180509, |reported=20180511,source=cv |reported=20180511,source=cv |e,cvss3=4.8/CVSS:3.0/AV:N/A |e,cvss3=4.8/CVSS:3.0/AV:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |C:H/PR:N/UI:N/S:U/C:L/I:N/A |:L,cwe=CWE-200,fedora-all/s |:L,cwe=CWE-200,fedora-all/s |pringframework=affected,rhe |pringframework=affected,rhe |l-8/springframework=affecte |l-8/springframework=affecte |d,eap-5/spring=new,rhes-3/s |d,eap-5/spring=notaffected, |pring=notaffected,amq-6/spr |rhes-3/spring=notaffected,a |ing=notaffected,brms-5/spri |mq-6/spring=notaffected,brm |ng=notaffected,jdv-6/spring |s-5/spring=notaffected,jdv- |=new,fis-2/spring=affected, |6/spring=new,fis-2/spring=a |fuse-6/spring=notaffected,f |ffected,fuse-6/spring=notaf |use-7/spring=affected,fsw-6 |fected,fuse-7/spring=affect |/spring=notaffected,rhmap-4 |ed,fsw-6/spring=notaffected |/spring=notaffected,soap-5/ |,rhmap-4/spring=notaffected |spring=new,openstack-10/ope |,soap-5/spring=new,openstac |ndaylight=notaffected,opens |k-10/opendaylight=notaffect |tack-11/opendaylight=notaff |ed,openstack-11/opendayligh |ected,openstack-12/opendayl |t=notaffected,openstack-12/ |ight=notaffected,openstack- |opendaylight=notaffected,op |9/opendaylight=notaffected, |enstack-9/opendaylight=nota |openstack-13/opendaylight=n |ffected,openstack-13/openda |otaffected |ylight=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
--- Comment #11 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Fuse 7.2
Via RHSA-2018:3768 https://access.redhat.com/errata/RHSA-2018:3768
https://bugzilla.redhat.com/show_bug.cgi?id=1578578
errata-xmlrpc errata-xmlrpc@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- External Bug ID| |Red Hat Product Errata | |RHSA-2018:3768
java-sig-commits@lists.stg.fedoraproject.org