tags 395094 + confirmed
thanks
* Ben Hutchings ([EMAIL PROTECTED]) :
> Upstream security advisory: http://www.bugzilla.org/security/2.18.5/
>
> These are fixed in 2.22.1 which would be suitable for sid.
I'm working on the packaging of that new upstream release.
--
Alexis Sukrieh <[EMAIL PROTE
Processing commands for [EMAIL PROTECTED]:
> tags 395094 + confirmed
Bug#395094: CVE-2006-545[3-5]: Multiple security issues in bugzilla
Tags were: security
Tags added: confirmed
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking
* Ben Hutchings ([EMAIL PROTECTED]) :
> Based on the advisory at http://www.bugzilla.org/security/2.18.5/ I
> would say that:
[...]
Ben, thanks a lot for your work regarding that issue.
If you have an alioth account, feel free to ask Sean Finney to add you
to the webapps-common team, so you can co
Upstream security advisory: http://www.bugzilla.org/security/2.18.5/
These are fixed in 2.22.1 which would be suitable for sid.
There is no upstream fix for the 2.16 series, as used in sarge. I am
looking at the upstream fix for the 2.18 series to see whether it is
applicable or easily adaptable
Package: bugzilla
Severity: grave
Tags: security
Several issues have beenfound in bugzilla:
CVE-2006-5455:
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in
Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted
remote attackers to create, modify, or delete arbi
5 matches
Mail list logo
