https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Bug ID: 1166041 Summary: CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: vkaigoro@redhat.com CC: abaron@redhat.com, abokovoy@redhat.com, andrew@topdog.za.net, andrewniemants@gmail.com, aortega@redhat.com, apatters@redhat.com, apevec@redhat.com, athmanem@gmail.com, ayoung@redhat.com, bazanluis20@gmail.com, bkabrda@redhat.com, bkearney@redhat.com, bleanhar@redhat.com, brett.lentz@gmail.com, bruno@wolff.to, casper@casperlefantom.net, cbillett@redhat.com, ccoleman@redhat.com, chat-to-me@raveit.de, chkr@plauener.de, chrisw@redhat.com, comzeradd@fedoraproject.org, cpelland@redhat.com, croberts@redhat.com, dajohnso@redhat.com, dallan@redhat.com, dan@danny.cz, david.r@ultracar.co.uk, dclarizi@redhat.com, devrim@gunduz.org, dmcphers@redhat.com, dridi.boukelmoune@gmail.com, echevemaster@gmail.com, emmanuel@seyman.fr, erlang@lists.fedoraproject.org, extras-orphan@fedoraproject.org, fabio@locati.cc, fdc@fcami.net, fedora@famillecollet.com, frankly3d@gmail.com, gbailey@lxpro.com, gkotton@redhat.com, gmccullo@redhat.com, herrold@owlriver.com, hhorak@redhat.com, hobbes1069@gmail.com, home@trarbentley.net, i@cicku.me, i@stingr.net, ian@ianweller.org, iarnell@gmail.com, ipa-maint@redhat.com, ivaxer@gmail.com, jamielinux@fedoraproject.org, jaswinder@kernel.org, jdetiber@redhat.com, jdornak@redhat.com, jhardy@redhat.com, jialiu@redhat.com, jimi@sngx.net, jkeck@redhat.com, jmlich@redhat.com, jochen@herr-schmitt.de, joelsmith@redhat.com, jokajak@fedoraproject.org, jokerman@redhat.com, jonathansteffan@gmail.com, jorton@redhat.com, jprause@redhat.com, jrafanie@redhat.com, jsmith.fedora@gmail.com, jstribny@redhat.com, jvlcek@redhat.com, karlthered@gmail.com, katello-bugs@redhat.com, kevin@scrye.com, kseifried@redhat.com, ktdreyer@ktdreyer.com, kwizart@gmail.com, leigh123linux@googlemail.com, lemenkov@gmail.com, lhh@redhat.com, limburgher@gmail.com, lmacken@redhat.com, lmeyer@redhat.com, loganjerry@gmail.com, lpeer@redhat.com, luto@mit.edu, markmc@redhat.com, matt@cs.wisc.edu, mbarnes@redhat.com, mburns@redhat.com, mcepl@redhat.com, mclasen@redhat.com, metherid@gmail.com, mhroncok@redhat.com, michel@michel-slm.name, mike@cchtml.com, miketwebster@gmail.com, mkosek@redhat.com, mmaslano@redhat.com, mmccomas@redhat.com, mmccune@redhat.com, mmcgrath@redhat.com, mrunge@redhat.com, nelsonab@red-tux.net, nonamedotc@gmail.com, nushio@fedoraproject.org, obarenbo@redhat.com, oliver@linux-kernel.at, orion@cora.nwra.com, paulo.cesar.pereira.de.andrade@gmail.com, pavel@zhukoff.net, perl-devel@lists.fedoraproject.org, peter.borsa@gmail.com, phalliday@excelsiorsystems.net, pmyers@redhat.com, praiskup@redhat.com, promac@gmail.com, puiterwijk@redhat.com, pviktori@redhat.com, pvoborni@redhat.com, python-maint@redhat.com, rbean@redhat.com, rbryant@redhat.com, rcritten@redhat.com, relrod@redhat.com, rhos-maint@redhat.com, rnovacek@redhat.com, robinlee.sysu@gmail.com, satya.komaragiri@gmail.com, sclewis@redhat.com, scott@foolishpride.org, sdodson@sdodson.com, shawn.iwinski@gmail.com, smparrish@gmail.com, ssorce@redhat.com, stickster@gmail.com, sven@lank.es, tadej.janez@tadej.hicsalta.si, tchollingsworth@gmail.com, thomas.moschny@gmx.de, thozza@redhat.com, tim4dev@gmail.com, tjay@redhat.com, tmckay@redhat.com, tomckay@redhat.com, vanmeeuwen+fedora@kolabsys.com, volker27@gmx.at, vondruch@redhat.com, vonsch@gmail.com, wojdyr@gmail.com, wtogami@gmail.com, xlecauch@redhat.com, yeylon@redhat.com, yohangraterol92@gmail.com, zbyszek@in.waw.pl
jQuery UI 1.10.0 release fixes XSS issue [1] in jQuery.ui.dialog title option.
From [1]:
... WIDGETS Dialog Fixed: Title XSS Vulnerability. (#6016, 7e9060c) ...
Upstream commit that fixes this: https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd21... More info can be found in the upstream bugtracker [2].
[1]: http://jqueryui.com/changelog/1.10.0/ [2]: http://bugs.jqueryui.com/ticket/6016
-- Note: whiteboard lists quite some packages, which are known to have jQuery embedded.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1162456
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #1 from leigh scott leigh123linux@googlemail.com --- I fail to see how this affects cinnamon as it doesn't use jQuery.ui.dialog
$ repoquery -q --whatprovides */jquery.ui.dialog.js mediawiki-0:1.23.6-1.fc20.noarch sagemath-notebook-0:5.12-1.fc20.x86_64 mediawiki-0:1.21.2-2.fc20.noarch python-XStatic-jquery-ui-0:1.10.4.1-1.fc20.noarch sagemath-notebook-0:6.1.1-5.fc20.x86_64 drupal7-jquery_update-0:2.3-2.fc20.noarch drupal7-jquery_update-0:2.4-1.fc20.noarch
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=affect |,fedora-all/cinnamon=notaff |ed,fedora-all/ckeditor=affe |ected,fedora-all/ckeditor=a |cted,fedora-all/cobbler=aff |ffected,fedora-all/cobbler= |ected,fedora-all/couchdb=af |affected,fedora-all/couchdb |fected,fedora-all/cumin=aff |=affected,fedora-all/cumin= |ected,fedora-all/django-typ |affected,fedora-all/django- |epad=affected,fedora-all/dl |typepad=affected,fedora-all |=affected,fedora-all/dokuwi |/dl=affected,fedora-all/dok |ki=affected,fedora-all/drup |uwiki=affected,fedora-all/d |al6=affected,fedora-all/dru |rupal6=affected,fedora-all/ |pal7=affected,fedora-all/dr |drupal7=affected,fedora-all |upal7-jquery_update=affecte |/drupal7-jquery_update=affe |d,fedora-all/fish=affected, |cted,fedora-all/fish=affect |fedora-all/fityk=affected,f |ed,fedora-all/fityk=affecte |edora-all/freeipa=affected, |d,fedora-all/freeipa=affect |fedora-all/gallery3=affecte |ed,fedora-all/gallery3=affe |d,fedora-all/global=affecte |cted,fedora-all/global=affe |d,fedora-all/graphite-web=a |cted,fedora-all/graphite-we |ffected,fedora-all/hotot=af |b=affected,fedora-all/hotot |fected,fedora-all/ikiwiki=a |=affected,fedora-all/ikiwik |ffected,fedora-all/libgda=a |i=affected,fedora-all/libgd |ffected,fedora-all/mediawik |a=affected,fedora-all/media |i=affected,fedora-all/mojom |wiki=affected,fedora-all/mo |ojo=affected,fedora-all/nod |jomojo=affected,fedora-all/ |ejs-should=affected,fedora- |nodejs-should=affected,fedo |all/OpenLP=affected,fedora- |ra-all/OpenLP=affected,fedo |all/openslides=affected,fed |ra-all/openslides=affected, |ora-all/openteacher=affecte |fedora-all/openteacher=affe |d,fedora-all/orbited=affect |cted,fedora-all/orbited=aff |ed,fedora-all/perl-Mojolici |ected,fedora-all/perl-Mojol |ous=affected,fedora-all/php |icious=affected,fedora-all/ |PgAdmin=affected,fedora-all |phpPgAdmin=affected,fedora- |/python-backlash=affected,f |all/python-backlash=affecte |edora-all/python-django=aff |d,fedora-all/python-django= |ected,fedora-all/python-dja |affected,fedora-all/python- |ngo-debug-toolbar=affected, |django-debug-toolbar=affect |fedora-all/python-django-ty |ed,fedora-all/python-django |pepadapp=affected,fedora-al |-typepadapp=affected,fedora |l/python-django14=affected, |-all/python-django14=affect |fedora-all/python-django15= |ed,fedora-all/python-django |affected,fedora-all/python- |15=affected,fedora-all/pyth |flask-debugtoolbar=affected |on-flask-debugtoolbar=affec |,fedora-all/python-pebl=aff |ted,fedora-all/python-pebl= |ected,fedora-all/python-sph |affected,fedora-all/python- |inx=affected,fedora-all/pyt |sphinx=affected,fedora-all/ |hon-tw-jquery=affected,fedo |python-tw-jquery=affected,f |ra-all/python-tw2-jqplugins |edora-all/python-tw2-jqplug |-flot=affected,fedora-all/p |ins-flot=affected,fedora-al |ython-tw2-jquery=affected,f |l/python-tw2-jquery=affecte |edora-all/python-werkzeug=a |d,fedora-all/python-werkzeu |ffected,fedora-all/python-X |g=affected,fedora-all/pytho |Static-jQuery=affected,fedo |n-XStatic-jQuery=affected,f |ra-all/python-backlash=affe |edora-all/python-backlash=a |cted,fedora-all/python-djan |ffected,fedora-all/python-d |go=affected,fedora-all/pyth |jango=affected,fedora-all/p |on-sphinx=affected,fedora-a |ython-sphinx=affected,fedor |ll/python-werkzeug=affected |a-all/python-werkzeug=affec |,fedora-all/roundup=affecte |ted,fedora-all/roundup=affe |d,fedora-all/rubygem-jquery |cted,fedora-all/rubygem-jqu |-rails=affected,fedora-all/ |ery-rails=affected,fedora-a |sagemath=affected,fedora-al |ll/sagemath=affected,fedora |l/sparkleshare=affected,fed |-all/sparkleshare=affected, |ora-all/spyder=affected,fed |fedora-all/spyder=affected, |ora-all/StarCluster=affecte |fedora-all/StarCluster=affe |d,fedora-all/sticky-notes=a |cted,fedora-all/sticky-note |ffected,fedora-all/sugar-he |s=affected,fedora-all/sugar |lp=affected,fedora-all/varn |-help=affected,fedora-all/v |ish-agent=affected,fedora-a |arnish-agent=affected,fedor |ll/webacula=affected,fedora |a-all/webacula=affected,fed |-all/wesnoth=affected,fedor |ora-all/wesnoth=affected,fe |a-all/why3=affected,fedora- |dora-all/why3=affected,fedo |all/wordpress=affected,fedo |ra-all/wordpress=affected,f |ra-all/yelp-xsl=affected,fe |edora-all/yelp-xsl=affected |dora-all/zabbix=affected,ep |,fedora-all/zabbix=affected |el-all/drupal7-jquery_updat |,epel-all/drupal7-jquery_up |e=affected,epel-all/python- |date=affected,epel-all/pyth |tw-jquery=affected,epel-all |on-tw-jquery=affected,epel- |/python-tw2-jquery=affected |all/python-tw2-jquery=affec |,epel-all/python-XStatic-jq |ted,epel-all/python-XStatic |uery-ui=affected,openshift- |-jquery-ui=affected,openshi |1/drupal6-jquery_ui-lib=new |ft-1/drupal6-jquery_ui-lib= |,openshift-1/ruby193-rubyge |new,openshift-1/ruby193-rub |m-jquery-rails=new,openshif |ygem-jquery-rails=new,opens |t-enterprise-1/ruby193-ruby |hift-enterprise-1/ruby193-r |gem-jquery-rails=new,opensh |ubygem-jquery-rails=new,ope |ift-enterprise-2/ruby193-ru |nshift-enterprise-2/ruby193 |bygem-jquery-rails=new,rhsc |-rubygem-jquery-rails=new,r |l-1.2/ror40-rubygem-jquery- |hscl-1.2/ror40-rubygem-jque |rails=new,rhscl-1.2/ruby193 |ry-rails=new,rhscl-1.2/ruby |-rubygem-jquery-rails=new,r |193-rubygem-jquery-rails=ne |hn_satellite_6/ruby193-ruby |w,rhn_satellite_6/ruby193-r |gem-jquery-ui-rails=new,sam |ubygem-jquery-ui-rails=new, |-1/ruby193-rubygem-jquery-r |sam-1/ruby193-rubygem-jquer |ails=new,cfme-5/ruby193-rub |y-rails=new,cfme-5/ruby193- |ygem-jquery-rails=new,opens |rubygem-jquery-rails=new,op |tack-4/ruby193-rubygem-jque |enstack-4/ruby193-rubygem-j |ry-rails=new,openstack-fore |query-rails=new,openstack-f |man/ruby193-rubygem-jquery- |oreman/ruby193-rubygem-jque |ui-rails=new,rhel-6/ipa=new |ry-ui-rails=new,rhel-6/ipa= |,rhel-6/python-sphinx=new,r |new,rhel-6/python-sphinx=ne |hel-7/ipa=new,rhel-7/python |w,rhel-7/ipa=new,rhel-7/pyt |-sphinx=new,rhel-7/yelp-xsl |hon-sphinx=new,rhel-7/yelp- |=new |xsl=new
--- Comment #2 from Vasyl Kaigorodov vkaigoro@redhat.com --- (In reply to leigh scott from comment #1)
I fail to see how this affects cinnamon as it doesn't use jQuery.ui.dialog
$ repoquery -q --whatprovides */jquery.ui.dialog.js mediawiki-0:1.23.6-1.fc20.noarch sagemath-notebook-0:5.12-1.fc20.x86_64 mediawiki-0:1.21.2-2.fc20.noarch python-XStatic-jquery-ui-0:1.10.4.1-1.fc20.noarch sagemath-notebook-0:6.1.1-5.fc20.x86_64 drupal7-jquery_update-0:2.3-2.fc20.noarch drupal7-jquery_update-0:2.4-1.fc20.noarch
You're right, the "affected" list contains all the packages that have "jquery.js" embedded. I'd not rely on repoquery too much here, since jQuery.ui.dialog.js might be renamed, or embedded in jquery.js. Anyways - files/usr/lib/cinnamon-settings/data/spices/jquery.js in cinnamon does not contain vulnerable code, marked as "notaffected".
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=affected,fedora-all/dok |/dl=affected,fedora-all/dok |uwiki=affected,fedora-all/d |uwiki=affected,fedora-all/d |rupal6=affected,fedora-all/ |rupal6=affected,fedora-all/ |drupal7=affected,fedora-all |drupal7=affected,fedora-all |/drupal7-jquery_update=affe |/drupal7-jquery_update=affe |cted,fedora-all/fish=affect |cted,fedora-all/fish=affect |ed,fedora-all/fityk=affecte |ed,fedora-all/fityk=notaffe |d,fedora-all/freeipa=affect |cted,fedora-all/freeipa=aff |ed,fedora-all/gallery3=affe |ected,fedora-all/gallery3=a |cted,fedora-all/global=affe |ffected,fedora-all/global=a |cted,fedora-all/graphite-we |ffected,fedora-all/graphite |b=affected,fedora-all/hotot |-web=affected,fedora-all/ho |=affected,fedora-all/ikiwik |tot=affected,fedora-all/iki |i=affected,fedora-all/libgd |wiki=affected,fedora-all/li |a=affected,fedora-all/media |bgda=affected,fedora-all/me |wiki=affected,fedora-all/mo |diawiki=affected,fedora-all |jomojo=affected,fedora-all/ |/mojomojo=affected,fedora-a |nodejs-should=affected,fedo |ll/nodejs-should=affected,f |ra-all/OpenLP=affected,fedo |edora-all/OpenLP=affected,f |ra-all/openslides=affected, |edora-all/openslides=affect |fedora-all/openteacher=affe |ed,fedora-all/openteacher=a |cted,fedora-all/orbited=aff |ffected,fedora-all/orbited= |ected,fedora-all/perl-Mojol |affected,fedora-all/perl-Mo |icious=affected,fedora-all/ |jolicious=affected,fedora-a |phpPgAdmin=affected,fedora- |ll/phpPgAdmin=affected,fedo |all/python-backlash=affecte |ra-all/python-backlash=affe |d,fedora-all/python-django= |cted,fedora-all/python-djan |affected,fedora-all/python- |go=affected,fedora-all/pyth |django-debug-toolbar=affect |on-django-debug-toolbar=aff |ed,fedora-all/python-django |ected,fedora-all/python-dja |-typepadapp=affected,fedora |ngo-typepadapp=affected,fed |-all/python-django14=affect |ora-all/python-django14=aff |ed,fedora-all/python-django |ected,fedora-all/python-dja |15=affected,fedora-all/pyth |ngo15=affected,fedora-all/p |on-flask-debugtoolbar=affec |ython-flask-debugtoolbar=af |ted,fedora-all/python-pebl= |fected,fedora-all/python-pe |affected,fedora-all/python- |bl=affected,fedora-all/pyth |sphinx=affected,fedora-all/ |on-sphinx=affected,fedora-a |python-tw-jquery=affected,f |ll/python-tw-jquery=affecte |edora-all/python-tw2-jqplug |d,fedora-all/python-tw2-jqp |ins-flot=affected,fedora-al |lugins-flot=affected,fedora |l/python-tw2-jquery=affecte |-all/python-tw2-jquery=affe |d,fedora-all/python-werkzeu |cted,fedora-all/python-werk |g=affected,fedora-all/pytho |zeug=affected,fedora-all/py |n-XStatic-jQuery=affected,f |thon-XStatic-jQuery=affecte |edora-all/python-backlash=a |d,fedora-all/python-backlas |ffected,fedora-all/python-d |h=affected,fedora-all/pytho |jango=affected,fedora-all/p |n-django=affected,fedora-al |ython-sphinx=affected,fedor |l/python-sphinx=affected,fe |a-all/python-werkzeug=affec |dora-all/python-werkzeug=af |ted,fedora-all/roundup=affe |fected,fedora-all/roundup=a |cted,fedora-all/rubygem-jqu |ffected,fedora-all/rubygem- |ery-rails=affected,fedora-a |jquery-rails=affected,fedor |ll/sagemath=affected,fedora |a-all/sagemath=affected,fed |-all/sparkleshare=affected, |ora-all/sparkleshare=affect |fedora-all/spyder=affected, |ed,fedora-all/spyder=affect |fedora-all/StarCluster=affe |ed,fedora-all/StarCluster=a |cted,fedora-all/sticky-note |ffected,fedora-all/sticky-n |s=affected,fedora-all/sugar |otes=affected,fedora-all/su |-help=affected,fedora-all/v |gar-help=affected,fedora-al |arnish-agent=affected,fedor |l/varnish-agent=affected,fe |a-all/webacula=affected,fed |dora-all/webacula=affected, |ora-all/wesnoth=affected,fe |fedora-all/wesnoth=affected |dora-all/why3=affected,fedo |,fedora-all/why3=affected,f |ra-all/wordpress=affected,f |edora-all/wordpress=affecte |edora-all/yelp-xsl=affected |d,fedora-all/yelp-xsl=affec |,fedora-all/zabbix=affected |ted,fedora-all/zabbix=affec |,epel-all/drupal7-jquery_up |ted,epel-all/drupal7-jquery |date=affected,epel-all/pyth |_update=affected,epel-all/p |on-tw-jquery=affected,epel- |ython-tw-jquery=affected,ep |all/python-tw2-jquery=affec |el-all/python-tw2-jquery=af |ted,epel-all/python-XStatic |fected,epel-all/python-XSta |-jquery-ui=affected,openshi |tic-jquery-ui=affected,open |ft-1/drupal6-jquery_ui-lib= |shift-1/drupal6-jquery_ui-l |new,openshift-1/ruby193-rub |ib=new,openshift-1/ruby193- |ygem-jquery-rails=new,opens |rubygem-jquery-rails=new,op |hift-enterprise-1/ruby193-r |enshift-enterprise-1/ruby19 |ubygem-jquery-rails=new,ope |3-rubygem-jquery-rails=new, |nshift-enterprise-2/ruby193 |openshift-enterprise-2/ruby |-rubygem-jquery-rails=new,r |193-rubygem-jquery-rails=ne |hscl-1.2/ror40-rubygem-jque |w,rhscl-1.2/ror40-rubygem-j |ry-rails=new,rhscl-1.2/ruby |query-rails=new,rhscl-1.2/r |193-rubygem-jquery-rails=ne |uby193-rubygem-jquery-rails |w,rhn_satellite_6/ruby193-r |=new,rhn_satellite_6/ruby19 |ubygem-jquery-ui-rails=new, |3-rubygem-jquery-ui-rails=n |sam-1/ruby193-rubygem-jquer |ew,sam-1/ruby193-rubygem-jq |y-rails=new,cfme-5/ruby193- |uery-rails=new,cfme-5/ruby1 |rubygem-jquery-rails=new,op |93-rubygem-jquery-rails=new |enstack-4/ruby193-rubygem-j |,openstack-4/ruby193-rubyge |query-rails=new,openstack-f |m-jquery-rails=new,openstac |oreman/ruby193-rubygem-jque |k-foreman/ruby193-rubygem-j |ry-ui-rails=new,rhel-6/ipa= |query-ui-rails=new,rhel-6/i |new,rhel-6/python-sphinx=ne |pa=new,rhel-6/python-sphinx |w,rhel-7/ipa=new,rhel-7/pyt |=new,rhel-7/ipa=new,rhel-7/ |hon-sphinx=new,rhel-7/yelp- |python-sphinx=new,rhel-7/ye |xsl=new |lp-xsl=new
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166229
--- Comment #3 from Vincent Danen vdanen@redhat.com ---
Created freeipa tracking bugs for this issue:
Affects: fedora-all [bug 1166229]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166229 [Bug 1166229] CVE-2010-5312 freeipa: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=affected,fedora-all/dok |/dl=affected,fedora-all/dok |uwiki=affected,fedora-all/d |uwiki=affected,fedora-all/d |rupal6=affected,fedora-all/ |rupal6=affected,fedora-all/ |drupal7=affected,fedora-all |drupal7=affected,fedora-all |/drupal7-jquery_update=affe |/drupal7-jquery_update=affe |cted,fedora-all/fish=affect |cted,fedora-all/fish=affect |ed,fedora-all/fityk=notaffe |ed,fedora-all/fityk=notaffe |cted,fedora-all/freeipa=aff |cted,fedora-all/freeipa=aff |ected,fedora-all/gallery3=a |ected,fedora-all/gallery3=a |ffected,fedora-all/global=a |ffected,fedora-all/global=a |ffected,fedora-all/graphite |ffected,fedora-all/graphite |-web=affected,fedora-all/ho |-web=affected,fedora-all/ho |tot=affected,fedora-all/iki |tot=affected,fedora-all/iki |wiki=affected,fedora-all/li |wiki=affected,fedora-all/li |bgda=affected,fedora-all/me |bgda=affected,fedora-all/me |diawiki=affected,fedora-all |diawiki=affected,fedora-all |/mojomojo=affected,fedora-a |/mojomojo=affected,fedora-a |ll/nodejs-should=affected,f |ll/nodejs-should=affected,f |edora-all/OpenLP=affected,f |edora-all/OpenLP=affected,f |edora-all/openslides=affect |edora-all/openslides=affect |ed,fedora-all/openteacher=a |ed,fedora-all/openteacher=a |ffected,fedora-all/orbited= |ffected,fedora-all/orbited= |affected,fedora-all/perl-Mo |affected,fedora-all/perl-Mo |jolicious=affected,fedora-a |jolicious=affected,fedora-a |ll/phpPgAdmin=affected,fedo |ll/phpPgAdmin=affected,fedo |ra-all/python-backlash=affe |ra-all/python-backlash=affe |cted,fedora-all/python-djan |cted,fedora-all/python-djan |go=affected,fedora-all/pyth |go=affected,fedora-all/pyth |on-django-debug-toolbar=aff |on-django-debug-toolbar=aff |ected,fedora-all/python-dja |ected,fedora-all/python-dja |ngo-typepadapp=affected,fed |ngo-typepadapp=affected,fed |ora-all/python-django14=aff |ora-all/python-django14=aff |ected,fedora-all/python-dja |ected,fedora-all/python-dja |ngo15=affected,fedora-all/p |ngo15=affected,fedora-all/p |ython-flask-debugtoolbar=af |ython-flask-debugtoolbar=af |fected,fedora-all/python-pe |fected,fedora-all/python-pe |bl=affected,fedora-all/pyth |bl=affected,fedora-all/pyth |on-sphinx=affected,fedora-a |on-sphinx=affected,fedora-a |ll/python-tw-jquery=affecte |ll/python-tw-jquery=affecte |d,fedora-all/python-tw2-jqp |d,fedora-all/python-tw2-jqp |lugins-flot=affected,fedora |lugins-flot=affected,fedora |-all/python-tw2-jquery=affe |-all/python-tw2-jquery=affe |cted,fedora-all/python-werk |cted,fedora-all/python-werk |zeug=affected,fedora-all/py |zeug=affected,fedora-all/py |thon-XStatic-jQuery=affecte |thon-XStatic-jQuery=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-werkzeug=af |dora-all/python-werkzeug=af |fected,fedora-all/roundup=a |fected,fedora-all/roundup=a |ffected,fedora-all/rubygem- |ffected,fedora-all/rubygem- |jquery-rails=affected,fedor |jquery-rails=affected,fedor |a-all/sagemath=affected,fed |a-all/sagemath=affected,fed |ora-all/sparkleshare=affect |ora-all/sparkleshare=affect |ed,fedora-all/spyder=affect |ed,fedora-all/spyder=affect |ed,fedora-all/StarCluster=a |ed,fedora-all/StarCluster=a |ffected,fedora-all/sticky-n |ffected,fedora-all/sticky-n |otes=affected,fedora-all/su |otes=affected,fedora-all/su |gar-help=affected,fedora-al |gar-help=affected,fedora-al |l/varnish-agent=affected,fe |l/varnish-agent=affected,fe |dora-all/webacula=affected, |dora-all/webacula=affected, |fedora-all/wesnoth=affected |fedora-all/wesnoth=affected |,fedora-all/why3=affected,f |,fedora-all/why3=affected,f |edora-all/wordpress=affecte |edora-all/wordpress=affecte |d,fedora-all/yelp-xsl=affec |d,fedora-all/yelp-xsl=affec |ted,fedora-all/zabbix=affec |ted,fedora-all/zabbix=affec |ted,epel-all/drupal7-jquery |ted,epel-all/drupal7-jquery |_update=affected,epel-all/p |_update=affected,epel-all/p |ython-tw-jquery=affected,ep |ython-tw-jquery=affected,ep |el-all/python-tw2-jquery=af |el-all/python-tw2-jquery=af |fected,epel-all/python-XSta |fected,epel-all/python-XSta |tic-jquery-ui=affected,open |tic-jquery-ui=affected,open |shift-1/drupal6-jquery_ui-l |shift-1/drupal6-jquery_ui-l |ib=new,openshift-1/ruby193- |ib=new,openshift-1/ruby193- |rubygem-jquery-rails=new,op |rubygem-jquery-rails=new,op |enshift-enterprise-1/ruby19 |enshift-enterprise-1/ruby19 |3-rubygem-jquery-rails=new, |3-rubygem-jquery-rails=new, |openshift-enterprise-2/ruby |openshift-enterprise-2/ruby |193-rubygem-jquery-rails=ne |193-rubygem-jquery-rails=ne |w,rhscl-1.2/ror40-rubygem-j |w,rhscl-1.2/ror40-rubygem-j |query-rails=new,rhscl-1.2/r |query-rails=new,rhscl-1.2/r |uby193-rubygem-jquery-rails |uby193-rubygem-jquery-rails |=new,rhn_satellite_6/ruby19 |=new,rhn_satellite_6/ruby19 |3-rubygem-jquery-ui-rails=n |3-rubygem-jquery-ui-rails=n |ew,sam-1/ruby193-rubygem-jq |ew,sam-1/ruby193-rubygem-jq |uery-rails=new,cfme-5/ruby1 |uery-rails=new,cfme-5/ruby1 |93-rubygem-jquery-rails=new |93-rubygem-jquery-rails=new |,openstack-4/ruby193-rubyge |,openstack-4/ruby193-rubyge |m-jquery-rails=new,openstac |m-jquery-rails=new,openstac |k-foreman/ruby193-rubygem-j |k-foreman/ruby193-rubygem-j |query-ui-rails=new,rhel-6/i |query-ui-rails=new,rhel-6/i |pa=new,rhel-6/python-sphinx |pa=affected,rhel-6/python-s |=new,rhel-7/ipa=new,rhel-7/ |phinx=new,rhel-7/ipa=affect |python-sphinx=new,rhel-7/ye |ed,rhel-7/python-sphinx=new |lp-xsl=new |,rhel-7/yelp-xsl=new
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166241
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166242
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #6 from Athmane Madjoudj athmanem@gmail.com --- Does this affected only packages with bundled jquery ui, or jquery in general.
For example: sticky-notes has jquery (min) and jquery.cookie but not jquery ui (or code from it), does that make it vulnerable to this issue.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #7 from Orion Poplawski orion@cora.nwra.com --- What version of jquery was this issue introduced in? cobbler bundles jquery ui 1.8.18 and I'm not seeing the patched code in it, although it's hard for me to search in the minimized js.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Wolfgang Ulbrich chat-to-me@raveit.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |vdanen@redhat.com Flags| |needinfo?(vdanen@redhat.com | |)
--- Comment #8 from Wolfgang Ulbrich chat-to-me@raveit.de --- Why did you add my email address again? I do not maintain or co-maintain any package which use jquery ui. And cinnamon isn't affected.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Pavel Zhukov pavel@zhukoff.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|pavel@zhukoff.net |
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|chat-to-me@raveit.de | Flags|needinfo?(vdanen@redhat.com | |) |
--- Comment #9 from Vasyl Kaigorodov vkaigoro@redhat.com --- (In reply to Wolfgang Ulbrich from comment #8)
Why did you add my email address again? I do not maintain or co-maintain any package which use jquery ui. And cinnamon isn't affected.
Sorry for the noise, Wolfgang. It's another issue, and another bug which is treated separately - I'm marking cinnamon as "notaffected" here as well.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=affected,fedora-all/dok |/dl=affected,fedora-all/dok |uwiki=affected,fedora-all/d |uwiki=affected,fedora-all/d |rupal6=affected,fedora-all/ |rupal6=affected,fedora-all/ |drupal7=affected,fedora-all |drupal7=affected,fedora-all |/drupal7-jquery_update=affe |/drupal7-jquery_update=affe |cted,fedora-all/fish=affect |cted,fedora-all/fish=affect |ed,fedora-all/fityk=notaffe |ed,fedora-all/fityk=notaffe |cted,fedora-all/freeipa=aff |cted,fedora-all/freeipa=aff |ected,fedora-all/gallery3=a |ected,fedora-all/gallery3=a |ffected,fedora-all/global=a |ffected,fedora-all/global=a |ffected,fedora-all/graphite |ffected,fedora-all/graphite |-web=affected,fedora-all/ho |-web=affected,fedora-all/ho |tot=affected,fedora-all/iki |tot=affected,fedora-all/iki |wiki=affected,fedora-all/li |wiki=affected,fedora-all/li |bgda=affected,fedora-all/me |bgda=affected,fedora-all/me |diawiki=affected,fedora-all |diawiki=affected,fedora-all |/mojomojo=affected,fedora-a |/mojomojo=affected,fedora-a |ll/nodejs-should=affected,f |ll/nodejs-should=affected,f |edora-all/OpenLP=affected,f |edora-all/OpenLP=affected,f |edora-all/openslides=affect |edora-all/openslides=affect |ed,fedora-all/openteacher=a |ed,fedora-all/openteacher=a |ffected,fedora-all/orbited= |ffected,fedora-all/orbited= |affected,fedora-all/perl-Mo |affected,fedora-all/perl-Mo |jolicious=affected,fedora-a |jolicious=affected,fedora-a |ll/phpPgAdmin=affected,fedo |ll/phpPgAdmin=affected,fedo |ra-all/python-backlash=affe |ra-all/python-backlash=affe |cted,fedora-all/python-djan |cted,fedora-all/python-djan |go=affected,fedora-all/pyth |go=affected,fedora-all/pyth |on-django-debug-toolbar=aff |on-django-debug-toolbar=aff |ected,fedora-all/python-dja |ected,fedora-all/python-dja |ngo-typepadapp=affected,fed |ngo-typepadapp=affected,fed |ora-all/python-django14=aff |ora-all/python-django14=aff |ected,fedora-all/python-dja |ected,fedora-all/python-dja |ngo15=affected,fedora-all/p |ngo15=affected,fedora-all/p |ython-flask-debugtoolbar=af |ython-flask-debugtoolbar=af |fected,fedora-all/python-pe |fected,fedora-all/python-pe |bl=affected,fedora-all/pyth |bl=affected,fedora-all/pyth |on-sphinx=affected,fedora-a |on-sphinx=affected,fedora-a |ll/python-tw-jquery=affecte |ll/python-tw-jquery=affecte |d,fedora-all/python-tw2-jqp |d,fedora-all/python-tw2-jqp |lugins-flot=affected,fedora |lugins-flot=affected,fedora |-all/python-tw2-jquery=affe |-all/python-tw2-jquery=affe |cted,fedora-all/python-werk |cted,fedora-all/python-werk |zeug=affected,fedora-all/py |zeug=affected,fedora-all/py |thon-XStatic-jQuery=affecte |thon-XStatic-jQuery=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-werkzeug=af |dora-all/python-werkzeug=af |fected,fedora-all/roundup=a |fected,fedora-all/roundup=a |ffected,fedora-all/rubygem- |ffected,fedora-all/rubygem- |jquery-rails=affected,fedor |jquery-rails=affected,fedor |a-all/sagemath=affected,fed |a-all/sagemath=affected,fed |ora-all/sparkleshare=affect |ora-all/sparkleshare=affect |ed,fedora-all/spyder=affect |ed,fedora-all/spyder=affect |ed,fedora-all/StarCluster=a |ed,fedora-all/StarCluster=a |ffected,fedora-all/sticky-n |ffected,fedora-all/sticky-n |otes=affected,fedora-all/su |otes=notaffected,fedora-all |gar-help=affected,fedora-al |/sugar-help=affected,fedora |l/varnish-agent=affected,fe |-all/varnish-agent=affected |dora-all/webacula=affected, |,fedora-all/webacula=affect |fedora-all/wesnoth=affected |ed,fedora-all/wesnoth=affec |,fedora-all/why3=affected,f |ted,fedora-all/why3=affecte |edora-all/wordpress=affecte |d,fedora-all/wordpress=affe |d,fedora-all/yelp-xsl=affec |cted,fedora-all/yelp-xsl=af |ted,fedora-all/zabbix=affec |fected,fedora-all/zabbix=af |ted,epel-all/drupal7-jquery |fected,epel-all/drupal7-jqu |_update=affected,epel-all/p |ery_update=affected,epel-al |ython-tw-jquery=affected,ep |l/python-tw-jquery=affected |el-all/python-tw2-jquery=af |,epel-all/python-tw2-jquery |fected,epel-all/python-XSta |=affected,epel-all/python-X |tic-jquery-ui=affected,open |Static-jquery-ui=affected,o |shift-1/drupal6-jquery_ui-l |penshift-1/drupal6-jquery_u |ib=new,openshift-1/ruby193- |i-lib=new,openshift-1/ruby1 |rubygem-jquery-rails=new,op |93-rubygem-jquery-rails=new |enshift-enterprise-1/ruby19 |,openshift-enterprise-1/rub |3-rubygem-jquery-rails=new, |y193-rubygem-jquery-rails=n |openshift-enterprise-2/ruby |ew,openshift-enterprise-2/r |193-rubygem-jquery-rails=ne |uby193-rubygem-jquery-rails |w,rhscl-1.2/ror40-rubygem-j |=new,rhscl-1.2/ror40-rubyge |query-rails=new,rhscl-1.2/r |m-jquery-rails=new,rhscl-1. |uby193-rubygem-jquery-rails |2/ruby193-rubygem-jquery-ra |=new,rhn_satellite_6/ruby19 |ils=new,rhn_satellite_6/rub |3-rubygem-jquery-ui-rails=n |y193-rubygem-jquery-ui-rail |ew,sam-1/ruby193-rubygem-jq |s=new,sam-1/ruby193-rubygem |uery-rails=new,cfme-5/ruby1 |-jquery-rails=new,cfme-5/ru |93-rubygem-jquery-rails=new |by193-rubygem-jquery-rails= |,openstack-4/ruby193-rubyge |new,openstack-4/ruby193-rub |m-jquery-rails=new,openstac |ygem-jquery-rails=new,opens |k-foreman/ruby193-rubygem-j |tack-foreman/ruby193-rubyge |query-ui-rails=new,rhel-6/i |m-jquery-ui-rails=new,rhel- |pa=affected,rhel-6/python-s |6/ipa=affected,rhel-6/pytho |phinx=new,rhel-7/ipa=affect |n-sphinx=new,rhel-7/ipa=aff |ed,rhel-7/python-sphinx=new |ected,rhel-7/python-sphinx= |,rhel-7/yelp-xsl=new |new,rhel-7/yelp-xsl=new
--- Comment #10 from Vasyl Kaigorodov vkaigoro@redhat.com --- (In reply to Orion Poplawski from comment #7)
What version of jquery was this issue introduced in? cobbler bundles jquery ui 1.8.18 and I'm not seeing the patched code in it, although it's hard for me to search in the minimized js.
All versions of jQUery UI prior to 1.10.0 are affected.
(In reply to Athmane Madjoudj from comment #6)
Does this affected only packages with bundled jquery ui, or jquery in general.
For example: sticky-notes has jquery (min) and jquery.cookie but not jquery ui (or code from it), does that make it vulnerable to this issue.
It affects packages which are using bundled jQuery UI version < 1.10.0 If a package is not using jQuery UI - it's not affected.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166758 Depends On| |1166759 Depends On| |1166760 Depends On| |1166761 Depends On| |1166762 Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=affected,fedora-all/dok |/dl=notaffected,fedora-all/ |uwiki=affected,fedora-all/d |dokuwiki=affected,fedora-al |rupal6=affected,fedora-all/ |l/drupal6=affected,fedora-a |drupal7=affected,fedora-all |ll/drupal7=affected,fedora- |/drupal7-jquery_update=affe |all/drupal7-jquery_update=a |cted,fedora-all/fish=affect |ffected,fedora-all/fish=aff |ed,fedora-all/fityk=notaffe |ected,fedora-all/fityk=nota |cted,fedora-all/freeipa=aff |ffected,fedora-all/freeipa= |ected,fedora-all/gallery3=a |affected,fedora-all/gallery |ffected,fedora-all/global=a |3=affected,fedora-all/globa |ffected,fedora-all/graphite |l=affected,fedora-all/graph |-web=affected,fedora-all/ho |ite-web=affected,fedora-all |tot=affected,fedora-all/iki |/hotot=affected,fedora-all/ |wiki=affected,fedora-all/li |ikiwiki=affected,fedora-all |bgda=affected,fedora-all/me |/libgda=affected,fedora-all |diawiki=affected,fedora-all |/mediawiki=affected,fedora- |/mojomojo=affected,fedora-a |all/mojomojo=affected,fedor |ll/nodejs-should=affected,f |a-all/nodejs-should=affecte |edora-all/OpenLP=affected,f |d,fedora-all/OpenLP=notaffe |edora-all/openslides=affect |cted,fedora-all/openslides= |ed,fedora-all/openteacher=a |affected,fedora-all/opentea |ffected,fedora-all/orbited= |cher=affected,fedora-all/or |affected,fedora-all/perl-Mo |bited=affected,fedora-all/p |jolicious=affected,fedora-a |erl-Mojolicious=affected,fe |ll/phpPgAdmin=affected,fedo |dora-all/phpPgAdmin=affecte |ra-all/python-backlash=affe |d,fedora-all/python-backlas |cted,fedora-all/python-djan |h=affected,fedora-all/pytho |go=affected,fedora-all/pyth |n-django=affected,fedora-al |on-django-debug-toolbar=aff |l/python-django-debug-toolb |ected,fedora-all/python-dja |ar=affected,fedora-all/pyth |ngo-typepadapp=affected,fed |on-django-typepadapp=affect |ora-all/python-django14=aff |ed,fedora-all/python-django |ected,fedora-all/python-dja |14=affected,fedora-all/pyth |ngo15=affected,fedora-all/p |on-django15=affected,fedora |ython-flask-debugtoolbar=af |-all/python-flask-debugtool |fected,fedora-all/python-pe |bar=affected,fedora-all/pyt |bl=affected,fedora-all/pyth |hon-pebl=affected,fedora-al |on-sphinx=affected,fedora-a |l/python-sphinx=affected,fe |ll/python-tw-jquery=affecte |dora-all/python-tw-jquery=a |d,fedora-all/python-tw2-jqp |ffected,fedora-all/python-t |lugins-flot=affected,fedora |w2-jqplugins-flot=affected, |-all/python-tw2-jquery=affe |fedora-all/python-tw2-jquer |cted,fedora-all/python-werk |y=affected,fedora-all/pytho |zeug=affected,fedora-all/py |n-werkzeug=affected,fedora- |thon-XStatic-jQuery=affecte |all/python-XStatic-jQuery=a |d,fedora-all/python-backlas |ffected,fedora-all/python-b |h=affected,fedora-all/pytho |acklash=affected,fedora-all |n-django=affected,fedora-al |/python-django=affected,fed |l/python-sphinx=affected,fe |ora-all/python-sphinx=affec |dora-all/python-werkzeug=af |ted,fedora-all/python-werkz |fected,fedora-all/roundup=a |eug=affected,fedora-all/rou |ffected,fedora-all/rubygem- |ndup=affected,fedora-all/ru |jquery-rails=affected,fedor |bygem-jquery-rails=affected |a-all/sagemath=affected,fed |,fedora-all/sagemath=affect |ora-all/sparkleshare=affect |ed,fedora-all/sparkleshare= |ed,fedora-all/spyder=affect |affected,fedora-all/spyder= |ed,fedora-all/StarCluster=a |affected,fedora-all/StarClu |ffected,fedora-all/sticky-n |ster=affected,fedora-all/st |otes=notaffected,fedora-all |icky-notes=notaffected,fedo |/sugar-help=affected,fedora |ra-all/sugar-help=affected, |-all/varnish-agent=affected |fedora-all/varnish-agent=af |,fedora-all/webacula=affect |fected,fedora-all/webacula= |ed,fedora-all/wesnoth=affec |affected,fedora-all/wesnoth |ted,fedora-all/why3=affecte |=affected,fedora-all/why3=a |d,fedora-all/wordpress=affe |ffected,fedora-all/wordpres |cted,fedora-all/yelp-xsl=af |s=affected,fedora-all/yelp- |fected,fedora-all/zabbix=af |xsl=affected,fedora-all/zab |fected,epel-all/drupal7-jqu |bix=affected,epel-all/drupa |ery_update=affected,epel-al |l7-jquery_update=affected,e |l/python-tw-jquery=affected |pel-all/python-tw-jquery=af |,epel-all/python-tw2-jquery |fected,epel-all/python-tw2- |=affected,epel-all/python-X |jquery=affected,epel-all/py |Static-jquery-ui=affected,o |thon-XStatic-jquery-ui=affe |penshift-1/drupal6-jquery_u |cted,openshift-1/drupal6-jq |i-lib=new,openshift-1/ruby1 |uery_ui-lib=new,openshift-1 |93-rubygem-jquery-rails=new |/ruby193-rubygem-jquery-rai |,openshift-enterprise-1/rub |ls=new,openshift-enterprise |y193-rubygem-jquery-rails=n |-1/ruby193-rubygem-jquery-r |ew,openshift-enterprise-2/r |ails=new,openshift-enterpri |uby193-rubygem-jquery-rails |se-2/ruby193-rubygem-jquery |=new,rhscl-1.2/ror40-rubyge |-rails=new,rhscl-1.2/ror40- |m-jquery-rails=new,rhscl-1. |rubygem-jquery-rails=new,rh |2/ruby193-rubygem-jquery-ra |scl-1.2/ruby193-rubygem-jqu |ils=new,rhn_satellite_6/rub |ery-rails=new,rhn_satellite |y193-rubygem-jquery-ui-rail |_6/ruby193-rubygem-jquery-u |s=new,sam-1/ruby193-rubygem |i-rails=new,sam-1/ruby193-r |-jquery-rails=new,cfme-5/ru |ubygem-jquery-rails=new,cfm |by193-rubygem-jquery-rails= |e-5/ruby193-rubygem-jquery- |new,openstack-4/ruby193-rub |rails=new,openstack-4/ruby1 |ygem-jquery-rails=new,opens |93-rubygem-jquery-rails=new |tack-foreman/ruby193-rubyge |,openstack-foreman/ruby193- |m-jquery-ui-rails=new,rhel- |rubygem-jquery-ui-rails=new |6/ipa=affected,rhel-6/pytho |,rhel-6/ipa=affected,rhel-6 |n-sphinx=new,rhel-7/ipa=aff |/python-sphinx=new,rhel-7/i |ected,rhel-7/python-sphinx= |pa=affected,rhel-7/python-s |new,rhel-7/yelp-xsl=new |phinx=new,rhel-7/yelp-xsl=n | |ew
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166758 [Bug 1166758] CVE-2010-5312 asterisk-gui: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166759 [Bug 1166759] CVE-2010-5312 beacon: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166760 [Bug 1166760] CVE-2010-5312 blender: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166761 [Bug 1166761] CVE-2010-5312 bodhi: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166762 [Bug 1166762] CVE-2010-5312 cacti: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166764 Depends On| |1166765 Depends On| |1166766 Depends On| |1166767 Depends On| |1166768 Depends On| |1166769 Depends On| |1166770 Depends On| |1166771 Depends On| |1166772 Depends On| |1166773 Depends On| |1166774 Depends On| |1166775 Depends On| |1166776 Depends On| |1166777 Depends On| |1166778 Depends On| |1166779 Depends On| |1166780 Depends On| |1166781 Depends On| |1166782 Depends On| |1166784 Depends On| |1166785 Depends On| |1166786 Depends On| |1166787 Depends On| |1166788 Depends On| |1166789 Depends On| |1166790 Depends On| |1166791 Depends On| |1166792 Depends On| |1166793 Depends On| |1166794 Depends On| |1166795 Depends On| |1166796 Depends On| |1166797 Depends On| |1166798 Depends On| |1166799 Depends On| |1166800 Depends On| |1166801 Depends On| |1166802 Depends On| |1166803 Depends On| |1166804 Depends On| |1166805 Depends On| |1166806 Depends On| |1166807 Depends On| |1166809 Depends On| |1166810 Depends On| |1166812 Depends On| |1166813 Depends On| |1166814 Depends On| |1166815 Depends On| |1166816 Depends On| |1166817 Depends On| |1166818 Depends On| |1166819 Depends On| |1166820 Depends On| |1166821 Depends On| |1166822 Depends On| |1166823 Depends On| |1166824 Depends On| |1166825 Depends On| |1166826 Depends On| |1166827 Depends On| |1166828 Depends On| |1166829
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166764 [Bug 1166764] CVE-2010-5312 calibre: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166765 [Bug 1166765] CVE-2010-5312 ckeditor: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166766 [Bug 1166766] CVE-2010-5312 cobbler: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166767 [Bug 1166767] CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166768 [Bug 1166768] CVE-2010-5312 cumin: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166769 [Bug 1166769] CVE-2010-5312 django-typepad: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166770 [Bug 1166770] CVE-2010-5312 dokuwiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166771 [Bug 1166771] CVE-2010-5312 drupal6: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166772 [Bug 1166772] CVE-2010-5312 drupal7: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166773 [Bug 1166773] CVE-2010-5312 drupal7-jquery_update: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166774 [Bug 1166774] CVE-2010-5312 fish: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166775 [Bug 1166775] CVE-2010-5312 gallery3: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166776 [Bug 1166776] CVE-2010-5312 global: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166777 [Bug 1166777] CVE-2010-5312 graphite-web: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166778 [Bug 1166778] CVE-2010-5312 hotot: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166779 [Bug 1166779] CVE-2010-5312 ikiwiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166780 [Bug 1166780] CVE-2010-5312 libgda: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166781 [Bug 1166781] CVE-2010-5312 mediawiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166782 [Bug 1166782] CVE-2010-5312 mojomojo: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166784 [Bug 1166784] CVE-2010-5312 nodejs-should: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166785 [Bug 1166785] CVE-2010-5312 openslides: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166786 [Bug 1166786] CVE-2010-5312 openteacher: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166787 [Bug 1166787] CVE-2010-5312 orbited: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166788 [Bug 1166788] CVE-2010-5312 perl-Mojolicious: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166789 [Bug 1166789] CVE-2010-5312 phpPgAdmin: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166790 [Bug 1166790] CVE-2010-5312 python-backlash: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166791 [Bug 1166791] CVE-2010-5312 python-django: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166792 [Bug 1166792] CVE-2010-5312 python-django-debug-toolbar: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166793 [Bug 1166793] CVE-2010-5312 python-django-typepadapp: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166794 [Bug 1166794] CVE-2010-5312 python-django14: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166795 [Bug 1166795] CVE-2010-5312 python-django15: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166796 [Bug 1166796] CVE-2010-5312 python-flask-debugtoolbar: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166797 [Bug 1166797] CVE-2010-5312 python-pebl: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166798 [Bug 1166798] CVE-2010-5312 python-sphinx: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166799 [Bug 1166799] CVE-2010-5312 python-tw-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166800 [Bug 1166800] CVE-2010-5312 python-tw2-jqplugins-flot: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166801 [Bug 1166801] CVE-2010-5312 python-tw2-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166802 [Bug 1166802] CVE-2010-5312 python-werkzeug: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166803 [Bug 1166803] CVE-2010-5312 python-XStatic-jQuery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166804 [Bug 1166804] CVE-2010-5312 python-backlash: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166805 [Bug 1166805] CVE-2010-5312 python-django: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166806 [Bug 1166806] CVE-2010-5312 python-sphinx: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166807 [Bug 1166807] CVE-2010-5312 python-werkzeug: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166809 [Bug 1166809] CVE-2010-5312 roundup: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166810 [Bug 1166810] CVE-2010-5312 rubygem-jquery-rails: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166812 [Bug 1166812] CVE-2010-5312 sagemath: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166813 [Bug 1166813] CVE-2010-5312 sparkleshare: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166814 [Bug 1166814] CVE-2010-5312 spyder: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166815 [Bug 1166815] CVE-2010-5312 StarCluster: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166816 [Bug 1166816] CVE-2010-5312 sugar-help: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166817 [Bug 1166817] CVE-2010-5312 varnish-agent: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166818 [Bug 1166818] CVE-2010-5312 webacula: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166819 [Bug 1166819] CVE-2010-5312 wesnoth: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166820 [Bug 1166820] CVE-2010-5312 why3: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166821 [Bug 1166821] CVE-2010-5312 wordpress: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166822 [Bug 1166822] CVE-2010-5312 yelp-xsl: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166823 [Bug 1166823] CVE-2010-5312 zabbix: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166824 [Bug 1166824] CVE-2010-5312 drupal7-jquery_update: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166825 [Bug 1166825] CVE-2010-5312 python-tw-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166826 [Bug 1166826] CVE-2010-5312 python-tw2-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166827 [Bug 1166827] CVE-2010-5312 python-XStatic-jquery-ui: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #12 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created nodejs-should tracking bugs for this issue:
Affects: fedora-all [bug 1166784]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #13 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created openslides tracking bugs for this issue:
Affects: fedora-all [bug 1166785]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #14 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-django-debug-toolbar tracking bugs for this issue:
Affects: fedora-all [bug 1166792]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #15 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created dokuwiki tracking bugs for this issue:
Affects: fedora-all [bug 1166770]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #16 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created fish tracking bugs for this issue:
Affects: fedora-all [bug 1166774]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #17 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created global tracking bugs for this issue:
Affects: fedora-all [bug 1166776]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #18 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created yelp-xsl tracking bugs for this issue:
Affects: fedora-all [bug 1166822]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #19 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created why3 tracking bugs for this issue:
Affects: fedora-all [bug 1166820]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #20 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created mojomojo tracking bugs for this issue:
Affects: fedora-all [bug 1166782]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #21 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created mediawiki tracking bugs for this issue:
Affects: fedora-all [bug 1166781]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #22 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-pebl tracking bugs for this issue:
Affects: fedora-all [bug 1166797]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #23 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created cobbler tracking bugs for this issue:
Affects: fedora-all [bug 1166766]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #24 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-XStatic-jquery-ui tracking bugs for this issue:
Affects: epel-all [bug 1166827]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #25 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created drupal7-jquery_update tracking bugs for this issue:
Affects: fedora-all [bug 1166773] Affects: epel-all [bug 1166824]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #26 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-tw2-jqplugins-flot tracking bugs for this issue:
Affects: fedora-all [bug 1166800]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #27 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-sphinx tracking bugs for this issue:
Affects: fedora-all [bug 1166798] Affects: fedora-all [bug 1166806]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #28 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created couchdb tracking bugs for this issue:
Affects: fedora-all [bug 1166767]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
David Riches david.r@ultracar.co.uk changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|david.r@ultracar.co.uk |
--- Comment #29 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created calibre tracking bugs for this issue:
Affects: fedora-all [bug 1166764]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #30 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created phpPgAdmin tracking bugs for this issue:
Affects: fedora-all [bug 1166789]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #31 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created StarCluster tracking bugs for this issue:
Affects: fedora-all [bug 1166815]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #32 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created sugar-help tracking bugs for this issue:
Affects: fedora-all [bug 1166816]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #33 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-werkzeug tracking bugs for this issue:
Affects: fedora-all [bug 1166802] Affects: fedora-all [bug 1166807]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #34 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created orbited tracking bugs for this issue:
Affects: fedora-all [bug 1166787]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #35 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created gallery3 tracking bugs for this issue:
Affects: fedora-all [bug 1166775]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #36 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-django14 tracking bugs for this issue:
Affects: fedora-all [bug 1166794]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #37 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-django15 tracking bugs for this issue:
Affects: fedora-all [bug 1166795]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #38 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-tw2-jquery tracking bugs for this issue:
Affects: fedora-all [bug 1166801] Affects: epel-all [bug 1166826]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #39 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created wordpress tracking bugs for this issue:
Affects: fedora-all [bug 1166821]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #40 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created varnish-agent tracking bugs for this issue:
Affects: fedora-all [bug 1166817]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #41 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created hotot tracking bugs for this issue:
Affects: fedora-all [bug 1166778]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #42 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-django tracking bugs for this issue:
Affects: fedora-all [bug 1166791] Affects: fedora-all [bug 1166805]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #43 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created sagemath tracking bugs for this issue:
Affects: fedora-all [bug 1166812]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #44 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-XStatic-jQuery tracking bugs for this issue:
Affects: fedora-all [bug 1166803]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #45 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created sparkleshare tracking bugs for this issue:
Affects: fedora-all [bug 1166813]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #46 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created wesnoth tracking bugs for this issue:
Affects: fedora-all [bug 1166819]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #47 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created webacula tracking bugs for this issue:
Affects: fedora-all [bug 1166818]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #48 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created libgda tracking bugs for this issue:
Affects: fedora-all [bug 1166780]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #49 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-tw-jquery tracking bugs for this issue:
Affects: fedora-all [bug 1166799] Affects: epel-all [bug 1166825]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #50 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created openteacher tracking bugs for this issue:
Affects: fedora-all [bug 1166786]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #51 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created ikiwiki tracking bugs for this issue:
Affects: fedora-all [bug 1166779]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #52 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created graphite-web tracking bugs for this issue:
Affects: fedora-all [bug 1166777]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #53 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created roundup tracking bugs for this issue:
Affects: fedora-all [bug 1166809]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #54 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-backlash tracking bugs for this issue:
Affects: fedora-all [bug 1166790] Affects: fedora-all [bug 1166804]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #55 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created perl-Mojolicious tracking bugs for this issue:
Affects: fedora-all [bug 1166788]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #56 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created ckeditor tracking bugs for this issue:
Affects: fedora-all [bug 1166765]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #57 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-django-typepadapp tracking bugs for this issue:
Affects: fedora-all [bug 1166793]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #58 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created cumin tracking bugs for this issue:
Affects: fedora-all [bug 1166768]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #59 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created zabbix tracking bugs for this issue:
Affects: fedora-all [bug 1166823]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #60 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created rubygem-jquery-rails tracking bugs for this issue:
Affects: fedora-all [bug 1166810]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #61 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created drupal7 tracking bugs for this issue:
Affects: fedora-all [bug 1166772]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #62 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created drupal6 tracking bugs for this issue:
Affects: fedora-all [bug 1166771]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166778, which changed state.
Bug 1166778 Summary: CVE-2010-5312 hotot: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166778
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |CANTFIX
--- Comment #62 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created drupal6 tracking bugs for this issue:
Affects: fedora-all [bug 1166771]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #63 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created spyder tracking bugs for this issue:
Affects: fedora-all [bug 1166814]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #64 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created python-flask-debugtoolbar tracking bugs for this issue:
Affects: fedora-all [bug 1166796]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #65 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created django-typepad tracking bugs for this issue:
Affects: fedora-all [bug 1166769]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166821, which changed state.
Bug 1166821 Summary: CVE-2010-5312 wordpress: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166821
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166765, which changed state.
Bug 1166765 Summary: CVE-2010-5312 ckeditor: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166765
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166099
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166099 [Bug 1166099] CVE-2012-6662 dokuwiki: jquery-ui: XSS vulnerability in default content in Tooltip widget [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166770, which changed state.
Bug 1166770 Summary: CVE-2010-5312 dokuwiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166770
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |DUPLICATE
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166103
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166103 [Bug 1166103] CVE-2012-6662 fish: jquery-ui: XSS vulnerability in default content in Tooltip widget [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166774, which changed state.
Bug 1166774 Summary: CVE-2010-5312 fish: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166774
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |DUPLICATE
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1166111
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1166111 [Bug 1166111] CVE-2012-6662 hotot: jquery-ui: XSS vulnerability in default content in Tooltip widget [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166777, which changed state.
Bug 1166777 Summary: CVE-2010-5312 graphite-web: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166777
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166814, which changed state.
Bug 1166814 Summary: CVE-2010-5312 spyder: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166814
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166827, which changed state.
Bug 1166827 Summary: CVE-2010-5312 python-XStatic-jquery-ui: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166827
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166794, which changed state.
Bug 1166794 Summary: CVE-2010-5312 python-django14: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166794
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166795, which changed state.
Bug 1166795 Summary: CVE-2010-5312 python-django15: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166795
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166805, which changed state.
Bug 1166805 Summary: CVE-2010-5312 python-django: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166805
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166809, which changed state.
Bug 1166809 Summary: CVE-2010-5312 roundup: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166809
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166789, which changed state.
Bug 1166789 Summary: CVE-2010-5312 phpPgAdmin: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166789
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166784, which changed state.
Bug 1166784 Summary: CVE-2010-5312 nodejs-should: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166784
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166815, which changed state.
Bug 1166815 Summary: CVE-2010-5312 StarCluster: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166815
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166776, which changed state.
Bug 1166776 Summary: CVE-2010-5312 global: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166776
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166788, which changed state.
Bug 1166788 Summary: CVE-2010-5312 perl-Mojolicious: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166788
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166823, which changed state.
Bug 1166823 Summary: CVE-2010-5312 zabbix: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166823
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166791, which changed state.
Bug 1166791 Summary: CVE-2010-5312 python-django: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166791
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166785, which changed state.
Bug 1166785 Summary: CVE-2010-5312 openslides: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166785
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166792, which changed state.
Bug 1166792 Summary: CVE-2010-5312 python-django-debug-toolbar: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166792
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166803, which changed state.
Bug 1166803 Summary: CVE-2010-5312 python-XStatic-jQuery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166803
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166820, which changed state.
Bug 1166820 Summary: CVE-2010-5312 why3: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166820
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166781, which changed state.
Bug 1166781 Summary: CVE-2010-5312 mediawiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166781
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166767, which changed state.
Bug 1166767 Summary: CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166767
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Ian Weller ian@ianweller.org changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|ian@ianweller.org |
Yuri Timofeev tim4dev@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|tim4dev@gmail.com |
--- Comment #66 from Fedora Update System updates@fedoraproject.org --- couchdb-1.6.1-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #67 from Fedora Update System updates@fedoraproject.org --- couchdb-1.6.1-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166807, which changed state.
Bug 1166807 Summary: CVE-2010-5312 python-werkzeug: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166807
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166802, which changed state.
Bug 1166802 Summary: CVE-2010-5312 python-werkzeug: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166802
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166786, which changed state.
Bug 1166786 Summary: CVE-2010-5312 openteacher: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166786
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166824, which changed state.
Bug 1166824 Summary: CVE-2010-5312 drupal7-jquery_update: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166824
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166773, which changed state.
Bug 1166773 Summary: CVE-2010-5312 drupal7-jquery_update: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166773
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jrusnack@redhat.com Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=notaffected,fedora-all/ |/dl=notaffected,fedora-all/ |dokuwiki=affected,fedora-al |dokuwiki=affected,fedora-al |l/drupal6=affected,fedora-a |l/drupal6=affected,fedora-a |ll/drupal7=affected,fedora- |ll/drupal7=affected,fedora- |all/drupal7-jquery_update=a |all/drupal7-jquery_update=a |ffected,fedora-all/fish=aff |ffected,fedora-all/fish=aff |ected,fedora-all/fityk=nota |ected,fedora-all/fityk=nota |ffected,fedora-all/freeipa= |ffected,fedora-all/freeipa= |affected,fedora-all/gallery |affected,fedora-all/gallery |3=affected,fedora-all/globa |3=affected,fedora-all/globa |l=affected,fedora-all/graph |l=affected,fedora-all/graph |ite-web=affected,fedora-all |ite-web=affected,fedora-all |/hotot=affected,fedora-all/ |/hotot=affected,fedora-all/ |ikiwiki=affected,fedora-all |ikiwiki=affected,fedora-all |/libgda=affected,fedora-all |/libgda=affected,fedora-all |/mediawiki=affected,fedora- |/mediawiki=affected,fedora- |all/mojomojo=affected,fedor |all/mojomojo=affected,fedor |a-all/nodejs-should=affecte |a-all/nodejs-should=affecte |d,fedora-all/OpenLP=notaffe |d,fedora-all/OpenLP=notaffe |cted,fedora-all/openslides= |cted,fedora-all/openslides= |affected,fedora-all/opentea |affected,fedora-all/opentea |cher=affected,fedora-all/or |cher=affected,fedora-all/or |bited=affected,fedora-all/p |bited=affected,fedora-all/p |erl-Mojolicious=affected,fe |erl-Mojolicious=affected,fe |dora-all/phpPgAdmin=affecte |dora-all/phpPgAdmin=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-django-debug-toolb |l/python-django-debug-toolb |ar=affected,fedora-all/pyth |ar=affected,fedora-all/pyth |on-django-typepadapp=affect |on-django-typepadapp=affect |ed,fedora-all/python-django |ed,fedora-all/python-django |14=affected,fedora-all/pyth |14=affected,fedora-all/pyth |on-django15=affected,fedora |on-django15=affected,fedora |-all/python-flask-debugtool |-all/python-flask-debugtool |bar=affected,fedora-all/pyt |bar=affected,fedora-all/pyt |hon-pebl=affected,fedora-al |hon-pebl=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-tw-jquery=a |dora-all/python-tw-jquery=a |ffected,fedora-all/python-t |ffected,fedora-all/python-t |w2-jqplugins-flot=affected, |w2-jqplugins-flot=affected, |fedora-all/python-tw2-jquer |fedora-all/python-tw2-jquer |y=affected,fedora-all/pytho |y=affected,fedora-all/pytho |n-werkzeug=affected,fedora- |n-werkzeug=affected,fedora- |all/python-XStatic-jQuery=a |all/python-XStatic-jQuery=a |ffected,fedora-all/python-b |ffected,fedora-all/python-w |acklash=affected,fedora-all |erkzeug=affected,fedora-all |/python-django=affected,fed |/roundup=affected,fedora-al |ora-all/python-sphinx=affec |l/rubygem-jquery-rails=affe |ted,fedora-all/python-werkz |cted,fedora-all/sagemath=af |eug=affected,fedora-all/rou |fected,fedora-all/sparklesh |ndup=affected,fedora-all/ru |are=affected,fedora-all/spy |bygem-jquery-rails=affected |der=affected,fedora-all/Sta |,fedora-all/sagemath=affect |rCluster=affected,fedora-al |ed,fedora-all/sparkleshare= |l/sticky-notes=notaffected, |affected,fedora-all/spyder= |fedora-all/sugar-help=affec |affected,fedora-all/StarClu |ted,fedora-all/varnish-agen |ster=affected,fedora-all/st |t=affected,fedora-all/webac |icky-notes=notaffected,fedo |ula=affected,fedora-all/wes |ra-all/sugar-help=affected, |noth=affected,fedora-all/wh |fedora-all/varnish-agent=af |y3=affected,fedora-all/word |fected,fedora-all/webacula= |press=affected,fedora-all/y |affected,fedora-all/wesnoth |elp-xsl=affected,fedora-all |=affected,fedora-all/why3=a |/zabbix=affected,epel-all/d |ffected,fedora-all/wordpres |rupal7-jquery_update=affect |s=affected,fedora-all/yelp- |ed,epel-all/python-tw-jquer |xsl=affected,fedora-all/zab |y=affected,epel-all/python- |bix=affected,epel-all/drupa |tw2-jquery=affected,epel-al |l7-jquery_update=affected,e |l/python-XStatic-jquery-ui= |pel-all/python-tw-jquery=af |affected,openshift-1/drupal |fected,epel-all/python-tw2- |6-jquery_ui-lib=new,openshi |jquery=affected,epel-all/py |ft-1/ruby193-rubygem-jquery |thon-XStatic-jquery-ui=affe |-rails=new,openshift-enterp |cted,openshift-1/drupal6-jq |rise-1/ruby193-rubygem-jque |uery_ui-lib=new,openshift-1 |ry-rails=new,openshift-ente |/ruby193-rubygem-jquery-rai |rprise-2/ruby193-rubygem-jq |ls=new,openshift-enterprise |uery-rails=new,rhscl-1.2/ro |-1/ruby193-rubygem-jquery-r |r40-rubygem-jquery-rails=ne |ails=new,openshift-enterpri |w,rhscl-1.2/ruby193-rubygem |se-2/ruby193-rubygem-jquery |-jquery-rails=new,rhn_satel |-rails=new,rhscl-1.2/ror40- |lite_6/ruby193-rubygem-jque |rubygem-jquery-rails=new,rh |ry-ui-rails=new,sam-1/ruby1 |scl-1.2/ruby193-rubygem-jqu |93-rubygem-jquery-rails=new |ery-rails=new,rhn_satellite |,cfme-5/ruby193-rubygem-jqu |_6/ruby193-rubygem-jquery-u |ery-rails=new,openstack-4/r |i-rails=new,sam-1/ruby193-r |uby193-rubygem-jquery-rails |ubygem-jquery-rails=new,cfm |=new,openstack-foreman/ruby |e-5/ruby193-rubygem-jquery- |193-rubygem-jquery-ui-rails |rails=new,openstack-4/ruby1 |=new,rhel-6/ipa=affected,rh |93-rubygem-jquery-rails=new |el-6/python-sphinx=new,rhel |,openstack-foreman/ruby193- |-7/ipa=affected,rhel-7/pyth |rubygem-jquery-ui-rails=new |on-sphinx=new,rhel-7/yelp-x |,rhel-6/ipa=affected,rhel-6 |sl=new |/python-sphinx=new,rhel-7/i | |pa=affected,rhel-7/python-s | |phinx=new,rhel-7/yelp-xsl=n | |ew |
--- Comment #68 from Ján Rusnačko jrusnack@redhat.com --- Deleting duplicate fedora-all/python-werkzeug=, fedora-all/python-sphinx=, fedora-all/python-django= from whiteboard.
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #69 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:0442 https://rhn.redhat.com/errata/RHSA-2015-0442.html
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166099, which changed state.
Bug 1166099 Summary: CVE-2012-6662 dokuwiki: jquery-ui: XSS vulnerability in default content in Tooltip widget [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166099
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166769, which changed state.
Bug 1166769 Summary: CVE-2010-5312 django-typepad: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166769
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166782, which changed state.
Bug 1166782 Summary: CVE-2010-5312 mojomojo: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166782
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166813, which changed state.
Bug 1166813 Summary: CVE-2010-5312 sparkleshare: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166813
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166768, which changed state.
Bug 1166768 Summary: CVE-2010-5312 cumin: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166768
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166797, which changed state.
Bug 1166797 Summary: CVE-2010-5312 python-pebl: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166797
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166812, which changed state.
Bug 1166812 Summary: CVE-2010-5312 sagemath: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166812
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |CURRENTRELEASE
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166229, which changed state.
Bug 1166229 Summary: CVE-2010-5312 freeipa: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166229
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NEXTRELEASE
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166810, which changed state.
Bug 1166810 Summary: CVE-2010-5312 rubygem-jquery-rails: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166810
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166759, which changed state.
Bug 1166759 Summary: CVE-2010-5312 beacon: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166759
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166760, which changed state.
Bug 1166760 Summary: CVE-2010-5312 blender: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166760
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166761, which changed state.
Bug 1166761 Summary: CVE-2010-5312 bodhi: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166761
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166764, which changed state.
Bug 1166764 Summary: CVE-2010-5312 calibre: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166764
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166771, which changed state.
Bug 1166771 Summary: CVE-2010-5312 drupal6: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166771
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166772, which changed state.
Bug 1166772 Summary: CVE-2010-5312 drupal7: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166772
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166775, which changed state.
Bug 1166775 Summary: CVE-2010-5312 gallery3: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166775
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166780, which changed state.
Bug 1166780 Summary: CVE-2010-5312 libgda: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166780
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166787, which changed state.
Bug 1166787 Summary: CVE-2010-5312 orbited: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166787
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166790, which changed state.
Bug 1166790 Summary: CVE-2010-5312 python-backlash: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166790
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166793, which changed state.
Bug 1166793 Summary: CVE-2010-5312 python-django-typepadapp: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166793
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166796, which changed state.
Bug 1166796 Summary: CVE-2010-5312 python-flask-debugtoolbar: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166796
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166798, which changed state.
Bug 1166798 Summary: CVE-2010-5312 python-sphinx: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166798
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166799, which changed state.
Bug 1166799 Summary: CVE-2010-5312 python-tw-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166799
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166801, which changed state.
Bug 1166801 Summary: CVE-2010-5312 python-tw2-jquery: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166801
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166804, which changed state.
Bug 1166804 Summary: CVE-2010-5312 python-backlash: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166804
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166806, which changed state.
Bug 1166806 Summary: CVE-2010-5312 python-sphinx: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166806
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166816, which changed state.
Bug 1166816 Summary: CVE-2010-5312 sugar-help: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166816
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166817, which changed state.
Bug 1166817 Summary: CVE-2010-5312 varnish-agent: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166817
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166818, which changed state.
Bug 1166818 Summary: CVE-2010-5312 webacula: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166818
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166819, which changed state.
Bug 1166819 Summary: CVE-2010-5312 wesnoth: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166819
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166822, which changed state.
Bug 1166822 Summary: CVE-2010-5312 yelp-xsl: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166822
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166779, which changed state.
Bug 1166779 Summary: CVE-2010-5312 ikiwiki: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166779
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #70 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2015:1462 https://rhn.redhat.com/errata/RHSA-2015-1462.html
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--- Comment #71 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2015:1462 https://rhn.redhat.com/errata/RHSA-2015-1462.html
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=notaffected,fedora-all/ |/dl=notaffected,fedora-all/ |dokuwiki=affected,fedora-al |dokuwiki=affected,fedora-al |l/drupal6=affected,fedora-a |l/drupal6=affected,fedora-a |ll/drupal7=affected,fedora- |ll/drupal7=affected,fedora- |all/drupal7-jquery_update=a |all/drupal7-jquery_update=a |ffected,fedora-all/fish=aff |ffected,fedora-all/fish=aff |ected,fedora-all/fityk=nota |ected,fedora-all/fityk=nota |ffected,fedora-all/freeipa= |ffected,fedora-all/freeipa= |affected,fedora-all/gallery |affected,fedora-all/gallery |3=affected,fedora-all/globa |3=affected,fedora-all/globa |l=affected,fedora-all/graph |l=affected,fedora-all/graph |ite-web=affected,fedora-all |ite-web=affected,fedora-all |/hotot=affected,fedora-all/ |/hotot=affected,fedora-all/ |ikiwiki=affected,fedora-all |ikiwiki=affected,fedora-all |/libgda=affected,fedora-all |/libgda=affected,fedora-all |/mediawiki=affected,fedora- |/mediawiki=affected,fedora- |all/mojomojo=affected,fedor |all/mojomojo=affected,fedor |a-all/nodejs-should=affecte |a-all/nodejs-should=affecte |d,fedora-all/OpenLP=notaffe |d,fedora-all/OpenLP=notaffe |cted,fedora-all/openslides= |cted,fedora-all/openslides= |affected,fedora-all/opentea |affected,fedora-all/opentea |cher=affected,fedora-all/or |cher=affected,fedora-all/or |bited=affected,fedora-all/p |bited=affected,fedora-all/p |erl-Mojolicious=affected,fe |erl-Mojolicious=affected,fe |dora-all/phpPgAdmin=affecte |dora-all/phpPgAdmin=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-django-debug-toolb |l/python-django-debug-toolb |ar=affected,fedora-all/pyth |ar=affected,fedora-all/pyth |on-django-typepadapp=affect |on-django-typepadapp=affect |ed,fedora-all/python-django |ed,fedora-all/python-django |14=affected,fedora-all/pyth |14=affected,fedora-all/pyth |on-django15=affected,fedora |on-django15=affected,fedora |-all/python-flask-debugtool |-all/python-flask-debugtool |bar=affected,fedora-all/pyt |bar=affected,fedora-all/pyt |hon-pebl=affected,fedora-al |hon-pebl=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-tw-jquery=a |dora-all/python-tw-jquery=a |ffected,fedora-all/python-t |ffected,fedora-all/python-t |w2-jqplugins-flot=affected, |w2-jqplugins-flot=affected, |fedora-all/python-tw2-jquer |fedora-all/python-tw2-jquer |y=affected,fedora-all/pytho |y=affected,fedora-all/pytho |n-werkzeug=affected,fedora- |n-werkzeug=affected,fedora- |all/python-XStatic-jQuery=a |all/python-XStatic-jQuery=a |ffected,fedora-all/python-w |ffected,fedora-all/roundup= |erkzeug=affected,fedora-all |affected,fedora-all/rubygem |/roundup=affected,fedora-al |-jquery-rails=affected,fedo |l/rubygem-jquery-rails=affe |ra-all/sagemath=affected,fe |cted,fedora-all/sagemath=af |dora-all/sparkleshare=affec |fected,fedora-all/sparklesh |ted,fedora-all/spyder=affec |are=affected,fedora-all/spy |ted,fedora-all/StarCluster= |der=affected,fedora-all/Sta |affected,fedora-all/sticky- |rCluster=affected,fedora-al |notes=notaffected,fedora-al |l/sticky-notes=notaffected, |l/sugar-help=affected,fedor |fedora-all/sugar-help=affec |a-all/varnish-agent=affecte |ted,fedora-all/varnish-agen |d,fedora-all/webacula=affec |t=affected,fedora-all/webac |ted,fedora-all/wesnoth=affe |ula=affected,fedora-all/wes |cted,fedora-all/why3=affect |noth=affected,fedora-all/wh |ed,fedora-all/wordpress=aff |y3=affected,fedora-all/word |ected,fedora-all/yelp-xsl=a |press=affected,fedora-all/y |ffected,fedora-all/zabbix=a |elp-xsl=affected,fedora-all |ffected,epel-all/drupal7-jq |/zabbix=affected,epel-all/d |uery_update=affected,epel-a |rupal7-jquery_update=affect |ll/python-tw-jquery=affecte |ed,epel-all/python-tw-jquer |d,epel-all/python-tw2-jquer |y=affected,epel-all/python- |y=affected,epel-all/python- |tw2-jquery=affected,epel-al |XStatic-jquery-ui=affected, |l/python-XStatic-jquery-ui= |openshift-1/drupal6-jquery_ |affected,openshift-1/drupal |ui-lib=new,openshift-1/ruby |6-jquery_ui-lib=new,openshi |193-rubygem-jquery-rails=ne |ft-1/ruby193-rubygem-jquery |w,openshift-enterprise-1/ru |-rails=new,openshift-enterp |by193-rubygem-jquery-rails= |rise-1/ruby193-rubygem-jque |new,openshift-enterprise-2/ |ry-rails=new,openshift-ente |ruby193-rubygem-jquery-rail |rprise-2/ruby193-rubygem-jq |s=new,rhscl-1.2/ror40-rubyg |uery-rails=new,rhscl-1.2/ro |em-jquery-rails=new,rhscl-1 |r40-rubygem-jquery-rails=ne |.2/ruby193-rubygem-jquery-r |w,rhscl-1.2/ruby193-rubygem |ails=new,rhn_satellite_6/ru |-jquery-rails=new,rhn_satel |by193-rubygem-jquery-ui-rai |lite_6/ruby193-rubygem-jque |ls=new,sam-1/ruby193-rubyge |ry-ui-rails=new,sam-1/ruby1 |m-jquery-rails=new,cfme-5/r |93-rubygem-jquery-rails=new |uby193-rubygem-jquery-rails |,cfme-5/ruby193-rubygem-jqu |=new,openstack-4/ruby193-ru |ery-rails=new,openstack-4/r |bygem-jquery-rails=new,open |uby193-rubygem-jquery-rails |stack-foreman/ruby193-rubyg |=new,openstack-foreman/ruby |em-jquery-ui-rails=new,rhel |193-rubygem-jquery-ui-rails |-6/ipa=affected,rhel-6/pyth |=new,rhel-6/ipa=affected,rh |on-sphinx=new,rhel-7/ipa=af |el-6/python-sphinx=new,rhel |fected,rhel-7/python-sphinx |-7/ipa=affected,rhel-7/pyth |=new,rhel-7/yelp-xsl=new |on-sphinx=new,rhel-7/yelp-x | |sl=new |
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Kurt Seifried kseifried@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=notaffected,fedora-all/ |/dl=notaffected,fedora-all/ |dokuwiki=affected,fedora-al |dokuwiki=affected,fedora-al |l/drupal6=affected,fedora-a |l/drupal6=affected,fedora-a |ll/drupal7=affected,fedora- |ll/drupal7=affected,fedora- |all/drupal7-jquery_update=a |all/drupal7-jquery_update=a |ffected,fedora-all/fish=aff |ffected,fedora-all/fish=aff |ected,fedora-all/fityk=nota |ected,fedora-all/fityk=nota |ffected,fedora-all/freeipa= |ffected,fedora-all/freeipa= |affected,fedora-all/gallery |affected,fedora-all/gallery |3=affected,fedora-all/globa |3=affected,fedora-all/globa |l=affected,fedora-all/graph |l=affected,fedora-all/graph |ite-web=affected,fedora-all |ite-web=affected,fedora-all |/hotot=affected,fedora-all/ |/hotot=affected,fedora-all/ |ikiwiki=affected,fedora-all |ikiwiki=affected,fedora-all |/libgda=affected,fedora-all |/libgda=affected,fedora-all |/mediawiki=affected,fedora- |/mediawiki=affected,fedora- |all/mojomojo=affected,fedor |all/mojomojo=affected,fedor |a-all/nodejs-should=affecte |a-all/nodejs-should=affecte |d,fedora-all/OpenLP=notaffe |d,fedora-all/OpenLP=notaffe |cted,fedora-all/openslides= |cted,fedora-all/openslides= |affected,fedora-all/opentea |affected,fedora-all/opentea |cher=affected,fedora-all/or |cher=affected,fedora-all/or |bited=affected,fedora-all/p |bited=affected,fedora-all/p |erl-Mojolicious=affected,fe |erl-Mojolicious=affected,fe |dora-all/phpPgAdmin=affecte |dora-all/phpPgAdmin=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-django-debug-toolb |l/python-django-debug-toolb |ar=affected,fedora-all/pyth |ar=affected,fedora-all/pyth |on-django-typepadapp=affect |on-django-typepadapp=affect |ed,fedora-all/python-django |ed,fedora-all/python-django |14=affected,fedora-all/pyth |14=affected,fedora-all/pyth |on-django15=affected,fedora |on-django15=affected,fedora |-all/python-flask-debugtool |-all/python-flask-debugtool |bar=affected,fedora-all/pyt |bar=affected,fedora-all/pyt |hon-pebl=affected,fedora-al |hon-pebl=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-tw-jquery=a |dora-all/python-tw-jquery=a |ffected,fedora-all/python-t |ffected,fedora-all/python-t |w2-jqplugins-flot=affected, |w2-jqplugins-flot=affected, |fedora-all/python-tw2-jquer |fedora-all/python-tw2-jquer |y=affected,fedora-all/pytho |y=affected,fedora-all/pytho |n-werkzeug=affected,fedora- |n-werkzeug=affected,fedora- |all/python-XStatic-jQuery=a |all/python-XStatic-jQuery=a |ffected,fedora-all/roundup= |ffected,fedora-all/roundup= |affected,fedora-all/rubygem |affected,fedora-all/rubygem |-jquery-rails=affected,fedo |-jquery-rails=affected,fedo |ra-all/sagemath=affected,fe |ra-all/sagemath=affected,fe |dora-all/sparkleshare=affec |dora-all/sparkleshare=affec |ted,fedora-all/spyder=affec |ted,fedora-all/spyder=affec |ted,fedora-all/StarCluster= |ted,fedora-all/StarCluster= |affected,fedora-all/sticky- |affected,fedora-all/sticky- |notes=notaffected,fedora-al |notes=notaffected,fedora-al |l/sugar-help=affected,fedor |l/sugar-help=affected,fedor |a-all/varnish-agent=affecte |a-all/varnish-agent=affecte |d,fedora-all/webacula=affec |d,fedora-all/webacula=affec |ted,fedora-all/wesnoth=affe |ted,fedora-all/wesnoth=affe |cted,fedora-all/why3=affect |cted,fedora-all/why3=affect |ed,fedora-all/wordpress=aff |ed,fedora-all/wordpress=aff |ected,fedora-all/yelp-xsl=a |ected,fedora-all/yelp-xsl=a |ffected,fedora-all/zabbix=a |ffected,fedora-all/zabbix=a |ffected,epel-all/drupal7-jq |ffected,epel-all/drupal7-jq |uery_update=affected,epel-a |uery_update=affected,epel-a |ll/python-tw-jquery=affecte |ll/python-tw-jquery=affecte |d,epel-all/python-tw2-jquer |d,epel-all/python-tw2-jquer |y=affected,epel-all/python- |y=affected,epel-all/python- |XStatic-jquery-ui=affected, |XStatic-jquery-ui=affected, |openshift-1/drupal6-jquery_ |openshift-1/drupal6-jquery_ |ui-lib=new,openshift-1/ruby |ui-lib=wontfix,openshift-1/ |193-rubygem-jquery-rails=ne |ruby193-rubygem-jquery-rail |w,openshift-enterprise-1/ru |s=wontfix,openshift-enterpr |by193-rubygem-jquery-rails= |ise-1/ruby193-rubygem-jquer |new,openshift-enterprise-2/ |y-rails=wontfix,openshift-e |ruby193-rubygem-jquery-rail |nterprise-2/ruby193-rubygem |s=new,rhscl-1.2/ror40-rubyg |-jquery-rails=wontfix,rhscl |em-jquery-rails=new,rhscl-1 |-1.2/ror40-rubygem-jquery-r |.2/ruby193-rubygem-jquery-r |ails=wontfix,rhscl-1.2/ruby |ails=new,rhn_satellite_6/ru |193-rubygem-jquery-rails=wo |by193-rubygem-jquery-ui-rai |ntfix,rhn_satellite_6/ruby1 |ls=new,sam-1/ruby193-rubyge |93-rubygem-jquery-ui-rails= |m-jquery-rails=new,cfme-5/r |wontfix,sam-1/ruby193-rubyg |uby193-rubygem-jquery-rails |em-jquery-rails=wontfix,cfm |=new,openstack-4/ruby193-ru |e-5/ruby193-rubygem-jquery- |bygem-jquery-rails=new,open |rails=wontfix,openstack-4/r |stack-foreman/ruby193-rubyg |uby193-rubygem-jquery-rails |em-jquery-ui-rails=new,rhel |=new,openstack-foreman/ruby |-6/ipa=affected,rhel-6/pyth |193-rubygem-jquery-ui-rails |on-sphinx=new,rhel-7/ipa=af |=new,rhel-6/ipa=affected,rh |fected,rhel-7/python-sphinx |el-6/python-sphinx=new,rhel |=new,rhel-7/yelp-xsl=new |-7/ipa=affected,rhel-7/pyth | |on-sphinx=new,rhel-7/yelp-x | |sl=new
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=notaffected,fedora-all/ |/dl=notaffected,fedora-all/ |dokuwiki=affected,fedora-al |dokuwiki=affected,fedora-al |l/drupal6=affected,fedora-a |l/drupal6=affected,fedora-a |ll/drupal7=affected,fedora- |ll/drupal7=affected,fedora- |all/drupal7-jquery_update=a |all/drupal7-jquery_update=a |ffected,fedora-all/fish=aff |ffected,fedora-all/fish=aff |ected,fedora-all/fityk=nota |ected,fedora-all/fityk=nota |ffected,fedora-all/freeipa= |ffected,fedora-all/freeipa= |affected,fedora-all/gallery |affected,fedora-all/gallery |3=affected,fedora-all/globa |3=affected,fedora-all/globa |l=affected,fedora-all/graph |l=affected,fedora-all/graph |ite-web=affected,fedora-all |ite-web=affected,fedora-all |/hotot=affected,fedora-all/ |/hotot=affected,fedora-all/ |ikiwiki=affected,fedora-all |ikiwiki=affected,fedora-all |/libgda=affected,fedora-all |/libgda=affected,fedora-all |/mediawiki=affected,fedora- |/mediawiki=affected,fedora- |all/mojomojo=affected,fedor |all/mojomojo=affected,fedor |a-all/nodejs-should=affecte |a-all/nodejs-should=affecte |d,fedora-all/OpenLP=notaffe |d,fedora-all/OpenLP=notaffe |cted,fedora-all/openslides= |cted,fedora-all/openslides= |affected,fedora-all/opentea |affected,fedora-all/opentea |cher=affected,fedora-all/or |cher=affected,fedora-all/or |bited=affected,fedora-all/p |bited=affected,fedora-all/p |erl-Mojolicious=affected,fe |erl-Mojolicious=affected,fe |dora-all/phpPgAdmin=affecte |dora-all/phpPgAdmin=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-django-debug-toolb |l/python-django-debug-toolb |ar=affected,fedora-all/pyth |ar=affected,fedora-all/pyth |on-django-typepadapp=affect |on-django-typepadapp=affect |ed,fedora-all/python-django |ed,fedora-all/python-django |14=affected,fedora-all/pyth |14=affected,fedora-all/pyth |on-django15=affected,fedora |on-django15=affected,fedora |-all/python-flask-debugtool |-all/python-flask-debugtool |bar=affected,fedora-all/pyt |bar=affected,fedora-all/pyt |hon-pebl=affected,fedora-al |hon-pebl=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-tw-jquery=a |dora-all/python-tw-jquery=a |ffected,fedora-all/python-t |ffected,fedora-all/python-t |w2-jqplugins-flot=affected, |w2-jqplugins-flot=affected, |fedora-all/python-tw2-jquer |fedora-all/python-tw2-jquer |y=affected,fedora-all/pytho |y=affected,fedora-all/pytho |n-werkzeug=affected,fedora- |n-werkzeug=affected,fedora- |all/python-XStatic-jQuery=a |all/python-XStatic-jQuery=a |ffected,fedora-all/roundup= |ffected,fedora-all/roundup= |affected,fedora-all/rubygem |affected,fedora-all/rubygem |-jquery-rails=affected,fedo |-jquery-rails=affected,fedo |ra-all/sagemath=affected,fe |ra-all/sagemath=affected,fe |dora-all/sparkleshare=affec |dora-all/sparkleshare=affec |ted,fedora-all/spyder=affec |ted,fedora-all/spyder=affec |ted,fedora-all/StarCluster= |ted,fedora-all/StarCluster= |affected,fedora-all/sticky- |affected,fedora-all/sticky- |notes=notaffected,fedora-al |notes=notaffected,fedora-al |l/sugar-help=affected,fedor |l/sugar-help=affected,fedor |a-all/varnish-agent=affecte |a-all/varnish-agent=affecte |d,fedora-all/webacula=affec |d,fedora-all/webacula=affec |ted,fedora-all/wesnoth=affe |ted,fedora-all/wesnoth=affe |cted,fedora-all/why3=affect |cted,fedora-all/why3=affect |ed,fedora-all/wordpress=aff |ed,fedora-all/wordpress=aff |ected,fedora-all/yelp-xsl=a |ected,fedora-all/yelp-xsl=a |ffected,fedora-all/zabbix=a |ffected,fedora-all/zabbix=a |ffected,epel-all/drupal7-jq |ffected,epel-all/drupal7-jq |uery_update=affected,epel-a |uery_update=affected,epel-a |ll/python-tw-jquery=affecte |ll/python-tw-jquery=affecte |d,epel-all/python-tw2-jquer |d,epel-all/python-tw2-jquer |y=affected,epel-all/python- |y=affected,epel-all/python- |XStatic-jquery-ui=affected, |XStatic-jquery-ui=affected, |openshift-1/drupal6-jquery_ |openshift-1/drupal6-jquery_ |ui-lib=wontfix,openshift-1/ |ui-lib=wontfix,openshift-1/ |ruby193-rubygem-jquery-rail |ruby193-rubygem-jquery-rail |s=wontfix,openshift-enterpr |s=wontfix,openshift-enterpr |ise-1/ruby193-rubygem-jquer |ise-1/ruby193-rubygem-jquer |y-rails=wontfix,openshift-e |y-rails=wontfix,openshift-e |nterprise-2/ruby193-rubygem |nterprise-2/ruby193-rubygem |-jquery-rails=wontfix,rhscl |-jquery-rails=wontfix,rhscl |-1.2/ror40-rubygem-jquery-r |-1.2/ror40-rubygem-jquery-r |ails=wontfix,rhscl-1.2/ruby |ails=wontfix,rhscl-1.2/ruby |193-rubygem-jquery-rails=wo |193-rubygem-jquery-rails=wo |ntfix,rhn_satellite_6/ruby1 |ntfix,rhn_satellite_6/ruby1 |93-rubygem-jquery-ui-rails= |93-rubygem-jquery-ui-rails= |wontfix,sam-1/ruby193-rubyg |wontfix,sam-1/ruby193-rubyg |em-jquery-rails=wontfix,cfm |em-jquery-rails=wontfix,cfm |e-5/ruby193-rubygem-jquery- |e-5/ruby193-rubygem-jquery- |rails=wontfix,openstack-4/r |rails=wontfix,openstack-4/r |uby193-rubygem-jquery-rails |uby193-rubygem-jquery-rails |=new,openstack-foreman/ruby |=wontfix,openstack-foreman/ |193-rubygem-jquery-ui-rails |ruby193-rubygem-jquery-ui-r |=new,rhel-6/ipa=affected,rh |ails=wontfix,rhel-6/ipa=won |el-6/python-sphinx=new,rhel |tfix,rhel-6/python-sphinx=w |-7/ipa=affected,rhel-7/pyth |ontfix,rhel-7/ipa=wontfix,r |on-sphinx=new,rhel-7/yelp-x |hel-7/python-sphinx=wontfix |sl=new |,rhel-7/yelp-xsl=wontfix
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX Last Closed| |2015-10-06 01:56:02
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166762, which changed state.
Bug 1166762 Summary: CVE-2010-5312 cacti: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166762
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2010 |impact=moderate,public=2010 |0903,reported=20141120,sour |0903,reported=20141120,sour |ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/ |AC:M/Au:N/C:N/I:P/A:N,fedor |AC:M/Au:N/C:N/I:P/A:N,fedor |a-all/asterisk-gui=affected |a-all/asterisk-gui=affected |,fedora-all/beacon=affected |,fedora-all/beacon=affected |,fedora-all/blender=affecte |,fedora-all/blender=affecte |d,fedora-all/bodhi=affected |d,fedora-all/bodhi=affected |,fedora-all/cacti=affected, |,fedora-all/cacti=affected, |fedora-all/calibre=affected |fedora-all/calibre=affected |,fedora-all/cinnamon=notaff |,fedora-all/cinnamon=notaff |ected,fedora-all/ckeditor=a |ected,fedora-all/ckeditor=a |ffected,fedora-all/cobbler= |ffected,fedora-all/cobbler= |affected,fedora-all/couchdb |affected,fedora-all/couchdb |=affected,fedora-all/cumin= |=affected,fedora-all/cumin= |affected,fedora-all/django- |affected,fedora-all/django- |typepad=affected,fedora-all |typepad=affected,fedora-all |/dl=notaffected,fedora-all/ |/dl=notaffected,fedora-all/ |dokuwiki=affected,fedora-al |dokuwiki=affected,fedora-al |l/drupal6=affected,fedora-a |l/drupal6=affected,fedora-a |ll/drupal7=affected,fedora- |ll/drupal7=affected,fedora- |all/drupal7-jquery_update=a |all/drupal7-jquery_update=a |ffected,fedora-all/fish=aff |ffected,fedora-all/fish=aff |ected,fedora-all/fityk=nota |ected,fedora-all/fityk=nota |ffected,fedora-all/freeipa= |ffected,fedora-all/freeipa= |affected,fedora-all/gallery |affected,fedora-all/gallery |3=affected,fedora-all/globa |3=affected,fedora-all/globa |l=affected,fedora-all/graph |l=affected,fedora-all/graph |ite-web=affected,fedora-all |ite-web=affected,fedora-all |/hotot=affected,fedora-all/ |/hotot=affected,fedora-all/ |ikiwiki=affected,fedora-all |ikiwiki=affected,fedora-all |/libgda=affected,fedora-all |/libgda=affected,fedora-all |/mediawiki=affected,fedora- |/mediawiki=affected,fedora- |all/mojomojo=affected,fedor |all/mojomojo=affected,fedor |a-all/nodejs-should=affecte |a-all/nodejs-should=affecte |d,fedora-all/OpenLP=notaffe |d,fedora-all/OpenLP=notaffe |cted,fedora-all/openslides= |cted,fedora-all/openslides= |affected,fedora-all/opentea |affected,fedora-all/opentea |cher=affected,fedora-all/or |cher=affected,fedora-all/or |bited=affected,fedora-all/p |bited=affected,fedora-all/p |erl-Mojolicious=affected,fe |erl-Mojolicious=affected,fe |dora-all/phpPgAdmin=affecte |dora-all/phpPgAdmin=affecte |d,fedora-all/python-backlas |d,fedora-all/python-backlas |h=affected,fedora-all/pytho |h=affected,fedora-all/pytho |n-django=affected,fedora-al |n-django=affected,fedora-al |l/python-django-debug-toolb |l/python-django-debug-toolb |ar=affected,fedora-all/pyth |ar=affected,fedora-all/pyth |on-django-typepadapp=affect |on-django-typepadapp=affect |ed,fedora-all/python-django |ed,fedora-all/python-django |14=affected,fedora-all/pyth |14=affected,fedora-all/pyth |on-django15=affected,fedora |on-django15=affected,fedora |-all/python-flask-debugtool |-all/python-flask-debugtool |bar=affected,fedora-all/pyt |bar=affected,fedora-all/pyt |hon-pebl=affected,fedora-al |hon-pebl=affected,fedora-al |l/python-sphinx=affected,fe |l/python-sphinx=affected,fe |dora-all/python-tw-jquery=a |dora-all/python-tw-jquery=a |ffected,fedora-all/python-t |ffected,fedora-all/python-t |w2-jqplugins-flot=affected, |w2-jqplugins-flot=affected, |fedora-all/python-tw2-jquer |fedora-all/python-tw2-jquer |y=affected,fedora-all/pytho |y=affected,fedora-all/pytho |n-werkzeug=affected,fedora- |n-werkzeug=affected,fedora- |all/python-XStatic-jQuery=a |all/python-XStatic-jQuery=a |ffected,fedora-all/roundup= |ffected,fedora-all/roundup= |affected,fedora-all/rubygem |affected,fedora-all/rubygem |-jquery-rails=affected,fedo |-jquery-rails=affected,fedo |ra-all/sagemath=affected,fe |ra-all/sagemath=affected,fe |dora-all/sparkleshare=affec |dora-all/sparkleshare=affec |ted,fedora-all/spyder=affec |ted,fedora-all/spyder=affec |ted,fedora-all/StarCluster= |ted,fedora-all/StarCluster= |affected,fedora-all/sticky- |affected,fedora-all/sticky- |notes=notaffected,fedora-al |notes=notaffected,fedora-al |l/sugar-help=affected,fedor |l/sugar-help=affected,fedor |a-all/varnish-agent=affecte |a-all/varnish-agent=affecte |d,fedora-all/webacula=affec |d,fedora-all/webacula=affec |ted,fedora-all/wesnoth=affe |ted,fedora-all/wesnoth=affe |cted,fedora-all/why3=affect |cted,fedora-all/why3=affect |ed,fedora-all/wordpress=aff |ed,fedora-all/wordpress=aff |ected,fedora-all/yelp-xsl=a |ected,fedora-all/yelp-xsl=a |ffected,fedora-all/zabbix=a |ffected,fedora-all/zabbix=a |ffected,epel-all/drupal7-jq |ffected,epel-all/drupal7-jq |uery_update=affected,epel-a |uery_update=affected,epel-a |ll/python-tw-jquery=affecte |ll/python-tw-jquery=affecte |d,epel-all/python-tw2-jquer |d,epel-all/python-tw2-jquer |y=affected,epel-all/python- |y=affected,epel-all/python- |XStatic-jquery-ui=affected, |XStatic-jquery-ui=affected, |openshift-1/drupal6-jquery_ |openshift-1/drupal6-jquery_ |ui-lib=wontfix,openshift-1/ |ui-lib=wontfix,openshift-1/ |ruby193-rubygem-jquery-rail |ruby193-rubygem-jquery-rail |s=wontfix,openshift-enterpr |s=wontfix,openshift-enterpr |ise-1/ruby193-rubygem-jquer |ise-1/ruby193-rubygem-jquer |y-rails=wontfix,openshift-e |y-rails=wontfix,openshift-e |nterprise-2/ruby193-rubygem |nterprise-2/ruby193-rubygem |-jquery-rails=wontfix,rhscl |-jquery-rails=wontfix,rhscl |-1.2/ror40-rubygem-jquery-r |-1.2/ror40-rubygem-jquery-r |ails=wontfix,rhscl-1.2/ruby |ails=wontfix,rhscl-1.2/ruby |193-rubygem-jquery-rails=wo |193-rubygem-jquery-rails=wo |ntfix,rhn_satellite_6/ruby1 |ntfix,rhn_satellite_6/ruby1 |93-rubygem-jquery-ui-rails= |93-rubygem-jquery-ui-rails= |wontfix,sam-1/ruby193-rubyg |wontfix,sam-1/ruby193-rubyg |em-jquery-rails=wontfix,cfm |em-jquery-rails=wontfix,cfm |e-5/ruby193-rubygem-jquery- |e-5/ruby193-rubygem-jquery- |rails=wontfix,openstack-4/r |rails=wontfix,openstack-4/r |uby193-rubygem-jquery-rails |uby193-rubygem-jquery-rails |=wontfix,openstack-foreman/ |=wontfix,openstack-foreman/ |ruby193-rubygem-jquery-ui-r |ruby193-rubygem-jquery-ui-r |ails=wontfix,rhel-6/ipa=won |ails=wontfix,rhel-6/ipa=won |tfix,rhel-6/python-sphinx=w |tfix,rhel-6/python-sphinx=w |ontfix,rhel-7/ipa=wontfix,r |ontfix,rhel-7/ipa=wontfix,r |hel-7/python-sphinx=wontfix |hel-7/python-sphinx=wontfix |,rhel-7/yelp-xsl=wontfix |,rhel-7/yelp-xsl=wontfix,cw | |e=CWE-79[auto]
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166758, which changed state.
Bug 1166758 Summary: CVE-2010-5312 asterisk-gui: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166758
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166766, which changed state.
Bug 1166766 Summary: CVE-2010-5312 cobbler: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166766
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
https://bugzilla.redhat.com/show_bug.cgi?id=1166041 Bug 1166041 depends on bug 1166800, which changed state.
Bug 1166800 Summary: CVE-2010-5312 python-tw2-jqplugins-flot: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1166800
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |EOL
perl-devel@lists.fedoraproject.org