bugzilla 3.6.3.0-1 source package in Ubuntu
Changelog
bugzilla (3.6.3.0-1) unstable; urgency=medium * New upstream release. Closes: #602420 * Fixed vulnerability CVE-2010-3172: By inserting a certain string into a URL, it was possible to inject both headers and content to any browser that supported "Server Push" (mostly only Gecko-based browsers like Firefox). This could lead to Cross-Site Scripting vulnerabilities, and possibly other more dangerous security issues as well. * Fixed vulnerability CVE-2010-3764: The Old Charts system generated graphs with predictable names into the "graphs/" directory, which also could be browsed to see its contents. This allowed unauthorized users to see product names and charted information about those products over time. * Fixed references to YUI components used by language templates. * Fixed missing images. * Surrpress error messages at installation stage. -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 16 Nov 2010 10:05:41 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Natty
- Original maintainer:
- Raphael Bossek
- Architectures:
- all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
bugzilla_3.6.3.0.orig.tar.gz | 4.2 MiB | 85bf47de333b51e08223ac4a09529abd11e4a649c06ab9a10b5b02edc60817c4 |
bugzilla_3.6.3.0-1.debian.tar.gz | 97.1 KiB | b3b921a2c05c3393fc5a766262c89dc206754429dd1e0d6a24e5f5d3cc269e56 |
bugzilla_3.6.3.0-1.dsc | 1.1 KiB | d7f068cc9dceba80d42a71c13ef6de8414678aa690c1055d5a07c3908c5dbd62 |
Available diffs
- diff from 3.6.2.0-4 to 3.6.3.0-1 (6.0 MiB)
Binary packages built by this source
- bugzilla3: No summary available for bugzilla3 in ubuntu natty.
No description available for bugzilla3 in ubuntu natty.
- bugzilla3-doc: No summary available for bugzilla3-doc in ubuntu natty.
No description available for bugzilla3-doc in ubuntu natty.