Your message dated Wed, 8 Nov 2006 06:20:48 -0800
with message-id <[EMAIL PROTECTED]>
and subject line CVE-2006-545[3-5]: Multiple security issues in bugzilla
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: bugzilla
Severity: grave
Tags: security

Several issues have been found in bugzilla:

CVE-2006-5455:
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in
Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted
remote attackers to create, modify, or delete arbitrary bug reports
via a crafted URL.

CVE-2006-5454:
Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before
2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1)
the description of arbitrary attachments by viewing the attachment in
"diff" mode in attachment.cgi, and (2) the deadline field by viewing
the XML format of the bug in show_bug.cgi.

CVE-2006-5453:
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x
before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x
before 2.23.3 allow remote authenticated users to inject arbitrary web
script or HTML via (1) page headers using the H1, H2, and H3 HTML tags
in global/header.html.tmpl, (2) description fields of certain items in
various edit cgi scripts, and (3) the id parameter in
showdependencygraph.cgi.

Please mention the CVE ids in the changelog.


--- End Message ---
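The report above names two defect classes that a maintainer patching a Bugzilla-style CGI would want to close: state-changing actions reachable from a crafted link (CVE-2006-5455, editversions.cgi) and request parameters echoed into HTML unescaped (CVE-2006-5453, e.g. the id parameter in showdependencygraph.cgi). The following is an added illustration of the standard mitigations, written here for this page and not taken from Bugzilla's own code; the handler names, the session secret and the parameter dictionaries are all constructed for the example.

```python
"""Added example: CSRF token check for a state-changing CGI and output escaping
for a reflected parameter. Not Bugzilla code; all names are hypothetical."""
import hashlib
import hmac
import html
from typing import Dict, Optional, Tuple


def make_token(session_secret: bytes, action: str) -> str:
    """Derive a per-session, per-action token with an HMAC so nothing extra
    has to be stored server-side; the form embeds this value in a hidden field."""
    return hmac.new(session_secret, action.encode(), hashlib.sha256).hexdigest()


def csrf_ok(session_secret: bytes, action: str, presented: Optional[str]) -> bool:
    """Compare the presented token in constant time; a missing token fails."""
    if presented is None:
        return False
    return hmac.compare_digest(make_token(session_secret, action), presented)


def handle_edit_version(params: Dict[str, str], session_secret: bytes) -> Tuple[int, str]:
    """Hypothetical stand-in for a state-changing script such as editversions.cgi.
    A plain GET (what a crafted URL in a page or mail produces) is refused, and a
    POST must carry the token tied to the victim's own session."""
    if params.get("method") != "POST":
        return 405, "state-changing actions require POST"
    if not csrf_ok(session_secret, "editversions", params.get("token")):
        return 403, "missing or invalid token"
    return 200, "version %s updated" % html.escape(params.get("version", ""))


def render_dependency_graph(params: Dict[str, str]) -> str:
    """Hypothetical stand-in for showdependencygraph.cgi: the id parameter is
    validated as an integer, and anything echoed back is HTML-escaped first."""
    raw = params.get("id", "")
    if not raw.isdigit():
        return "<p>Invalid bug id: %s</p>" % html.escape(raw)
    return "<h1>Dependency graph for bug %d</h1>" % int(raw)


if __name__ == "__main__":
    # Constructed demo values; a real deployment derives the secret per session.
    secret = b"constructed-session-secret"
    token = make_token(secret, "editversions")
    print(handle_edit_version({"method": "GET", "version": "1.0"}, secret))
    print(handle_edit_version({"method": "POST", "version": "1.0", "token": token}, secret))
    print(render_dependency_graph({"id": "42"}))
    print(render_dependency_graph({"id": "<b>not a number</b>"}))
```

The token is bound to both the session secret and the action name, so a token captured from one form cannot be replayed against a different script, and the method check alone already defeats the link-based variant described in the report.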
--- Begin Message ---
Version: 2.22.1-1

This bug has been fixed in testing and unstable with the upload of version
2.22.1-1, so I'm closing it (with a Version: pseudoheader) to document this
status as completely as possible.

The bug still affects the version of bugzilla in sarge.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
[EMAIL PROTECTED]                                   http://www.debian.org/

--- End Message ---