{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": false, "require_testcases": false, "display_name": "", "notes": "- match credentials when re-using a proxy connection (CVE-2016-0755)", "type": "security", "status": "stable", "request": null, "severity": "low", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2016-01-27 13:48:40", "date_modified": null, "date_approved": null, "date_testing": "2016-01-28 21:03:45", "date_stable": "2016-01-30 14:54:08", "alias": "FEDORA-2016-57bebab3b6", "test_gating_status": null, "from_tag": null, "date_pushed": "2016-01-30 14:54:08", "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2016-57bebab3b6", "title": "curl-7.43.0-5.fc23", "version_hash": "f28ef616b55dea5982894b68b81082666b2552bb", "release": {"name": "F23", "long_name": "Fedora 23", "version": "23", "id_prefix": "FEDORA", "branch": "f23", "dist_tag": "f23", "stable_tag": "f23-updates", "testing_tag": "f23-updates-testing", "candidate_tag": "f23-updates-candidate", "pending_signing_tag": "f23-signing-pending", "pending_testing_tag": "f23-updates-testing-pending", "pending_stable_tag": "f23-updates-pending", "override_tag": "f23-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by kdudka. ", "timestamp": "2016-01-27 13:48:40", "update_id": 49670, "user_id": 91, "id": 382410, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2016-01-28 22:27:42", "update_id": 49670, "user_id": 91, "id": 383069, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "curl-7.43.0-5.fc23 ejected from the push because 'Request None inconsistent with mash request <testing>'", "timestamp": "2016-01-29 00:27:34", "update_id": 49670, "user_id": 91, "id": 383190, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "works for me", "timestamp": "2016-01-29 06:41:36", "update_id": 49670, "user_id": 739, "id": 383335, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cserpentis", "email": "cserpentis@gmail.com", "id": 739, "avatar": "https://seccdn.libravatar.org/avatar/a3febfef42f58ed535f3c3a3cf9743653cd774dbb6e4554e2ce7c847d9802b6c?s=24&d=retro", "openid": "cserpentis.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Works great!  LGTM  =)", "timestamp": "2016-01-29 09:31:49", "update_id": 49670, "user_id": 206, "id": 383433, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "besser82", "email": "besser82.fpo@gmail.com", "id": 206, "avatar": "https://seccdn.libravatar.org/avatar/28bacfa3be75032390ac2c7a34599aeb825c3b62b2c55ef64821d2fc023b56cb?s=24&d=retro", "openid": "besser82.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "designteam"}, {"name": "shogun-ca"}, {"name": "alt-gtk-de-sig"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2016-01-29 12:57:46", "update_id": 49670, "user_id": 91, "id": 383489, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "works for me", "timestamp": "2016-01-29 12:57:46", "update_id": 49670, "user_id": 182, "id": 383490, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "hreindl", "email": "h.reindl@thelounge.net", "id": 182, "avatar": "https://seccdn.libravatar.org/avatar/664e0d25c0404b7a153b4dbc5dc1f3d1be6a2e9fd91115fbb929fe16a55d21d7?s=24&d=retro", "openid": "hreindl.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Thanks for feedback!", "timestamp": "2016-01-29 12:58:33", "update_id": 49670, "user_id": 576, "id": 383496, "bug_feedback": [{"karma": 0, "comment_id": 383496, "bug_id": 1302263, "bug": {"bug_id": 1302263, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use", "security": true, "parent": true}}, {"karma": 0, "comment_id": 383496, "bug_id": 1302265, "bug": {"bug_id": 1302265, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}}, {"karma": 1, "karma_critpath": 1, "text": "looks good", "timestamp": "2016-01-30 13:26:26", "update_id": 49670, "user_id": 262, "id": 383681, "bug_feedback": [{"karma": 0, "comment_id": 383681, "bug_id": 1302263, "bug": {"bug_id": 1302263, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use", "security": true, "parent": true}}, {"karma": 0, "comment_id": 383681, "bug_id": 1302265, "bug": {"bug_id": 1302265, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "pnemade", "email": "pnemade@redhat.com", "id": 262, "avatar": "https://seccdn.libravatar.org/avatar/c383fc71de1d229226557da629fa64c03ff81abf117d5c2980ed7b86d56fbc3d?s=24&d=retro", "openid": "pnemade.id.stg.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "giti18n"}, {"name": "gitinscript2"}, {"name": "gitwordxtr"}, {"name": "gityum-langpacks"}, {"name": "svnsystem-config-language"}, {"name": "ipausers"}, {"name": "gitutrrs-web"}, {"name": "svnlohit"}, {"name": "fedora-contributor"}, {"name": "svniok"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "gitiok2"}, {"name": "gitfontpackages"}, {"name": "gitredhatlsb"}, {"name": "cla_redhat"}, {"name": "cvslohit-fonts"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2016-01-30 18:23:14", "update_id": 49670, "user_id": 91, "id": 383735, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "curl-7.43.0-5.fc23", "signed": true, "release_id": 11, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1302263, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 384403, "bug_id": 1302263, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thank you for testing the update!", "timestamp": "2016-02-01 08:30:51", "update_id": 49669, "user_id": 576, "id": 384403, "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 383496, "bug_id": 1302263, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for feedback!", "timestamp": "2016-01-29 12:58:33", "update_id": 49670, "user_id": 576, "id": 383496, "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 383607, "bug_id": 1302263, "comment": {"karma": 0, "karma_critpath": 0, "text": "No regressions noted.\n\nkarma: +1", "timestamp": "2016-01-29 19:20:47", "update_id": 49669, "user_id": 207, "id": 383607, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 383681, "bug_id": 1302263, "comment": {"karma": 1, "karma_critpath": 1, "text": "looks good", "timestamp": "2016-01-30 13:26:26", "update_id": 49670, "user_id": 262, "id": 383681, "testcase_feedback": [], "user": {"name": "pnemade", "email": "pnemade@redhat.com", "id": 262, "avatar": "https://seccdn.libravatar.org/avatar/c383fc71de1d229226557da629fa64c03ff81abf117d5c2980ed7b86d56fbc3d?s=24&d=retro", "openid": "pnemade.id.stg.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "giti18n"}, {"name": "gitinscript2"}, {"name": "gitwordxtr"}, {"name": "gityum-langpacks"}, {"name": "svnsystem-config-language"}, {"name": "ipausers"}, {"name": "gitutrrs-web"}, {"name": "svnlohit"}, {"name": "fedora-contributor"}, {"name": "svniok"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "gitiok2"}, {"name": "gitfontpackages"}, {"name": "gitredhatlsb"}, {"name": "cla_redhat"}, {"name": "cvslohit-fonts"}]}}}]}, {"bug_id": 1302265, "title": "CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 384403, "bug_id": 1302265, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thank you for testing the update!", "timestamp": "2016-02-01 08:30:51", "update_id": 49669, "user_id": 576, "id": 384403, "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 383496, "bug_id": 1302265, "comment": {"karma": 0, "karma_critpath": 0, "text": "Thanks for feedback!", "timestamp": "2016-01-29 12:58:33", "update_id": 49670, "user_id": 576, "id": 383496, "testcase_feedback": [], "user": {"name": "kdudka", "email": "kdudka@redhat.com", "id": 576, "avatar": "https://seccdn.libravatar.org/avatar/81b8a3402cb4e17c69f622fa0a54731bb27b625f8fbd396a7583318619a15395?s=24&d=retro", "openid": "kdudka.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gitcgt"}, {"name": "gitcsmock"}, {"name": "gitnsspem"}, {"name": "fedorabugs"}, {"name": "aufover"}, {"name": "gitcscppc"}, {"name": "signed_fpca"}, {"name": "ipausers"}, {"name": "gitcswrap"}, {"name": "gitcodescan-diff"}, {"name": "fedora-contributor"}, {"name": "openscanhub"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 383607, "bug_id": 1302265, "comment": {"karma": 0, "karma_critpath": 0, "text": "No regressions noted.\n\nkarma: +1", "timestamp": "2016-01-29 19:20:47", "update_id": 49669, "user_id": 207, "id": 383607, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 383681, "bug_id": 1302265, "comment": {"karma": 1, "karma_critpath": 1, "text": "looks good", "timestamp": "2016-01-30 13:26:26", "update_id": 49670, "user_id": 262, "id": 383681, "testcase_feedback": [], "user": {"name": "pnemade", "email": "pnemade@redhat.com", "id": 262, "avatar": "https://seccdn.libravatar.org/avatar/c383fc71de1d229226557da629fa64c03ff81abf117d5c2980ed7b86d56fbc3d?s=24&d=retro", "openid": "pnemade.id.stg.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "giti18n"}, {"name": "gitinscript2"}, {"name": "gitwordxtr"}, {"name": "gityum-langpacks"}, {"name": "svnsystem-config-language"}, {"name": "ipausers"}, {"name": "gitutrrs-web"}, {"name": "svnlohit"}, {"name": "fedora-contributor"}, {"name": "svniok"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "gitiok2"}, {"name": "gitfontpackages"}, {"name": "gitredhatlsb"}, {"name": "cla_redhat"}, {"name": "cvslohit-fonts"}]}}}]}], "updateid": "FEDORA-2016-57bebab3b6", "karma": 4, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}