bugzilla 3.6.3.0-1 source package in Ubuntu
Changelog
bugzilla (3.6.3.0-1) unstable; urgency=medium
* New upstream release. Closes: #602420
* Fixed vulnerability CVE-2010-3172:
By inserting a certain string into a URL, it was possible
to inject both headers and content to any browser that
supported "Server Push" (mostly only Gecko-based browsers
like Firefox). This could lead to Cross-Site Scripting
vulnerabilities, and possibly other more dangerous security
issues as well.
* Fixed vulnerability CVE-2010-3764:
The Old Charts system generated graphs with
predictable names into the "graphs/" directory,
which also could be browsed to see its contents.
This allowed unauthorized users to see product
names and charted information about those
products over time.
* Fixed references to YUI components used by language templates.
* Fixed missing images.
* Surrpress error messages at installation stage.
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 16 Nov 2010 10:05:41 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Natty
- Original maintainer:
- Raphael Bossek
- Architectures:
- all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| bugzilla_3.6.3.0.orig.tar.gz | 4.2 MiB | 85bf47de333b51e08223ac4a09529abd11e4a649c06ab9a10b5b02edc60817c4 |
| bugzilla_3.6.3.0-1.debian.tar.gz | 97.1 KiB | b3b921a2c05c3393fc5a766262c89dc206754429dd1e0d6a24e5f5d3cc269e56 |
| bugzilla_3.6.3.0-1.dsc | 1.1 KiB | d7f068cc9dceba80d42a71c13ef6de8414678aa690c1055d5a07c3908c5dbd62 |
Available diffs
- diff from 3.6.2.0-4 to 3.6.3.0-1 (6.0 MiB)
Binary packages built by this source
- bugzilla3: No summary available for bugzilla3 in ubuntu natty.
No description available for bugzilla3 in ubuntu natty.
- bugzilla3-doc: No summary available for bugzilla3-doc in ubuntu natty.
No description available for bugzilla3-doc in ubuntu natty.
