Summary: | www-apps/mantisbt: security release | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Renat Lumpau (RETIRED) <rl03> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://sourceforge.net/mailarchive/forum.php?thread_id=8517458&forum_id=3264 | ||
Whiteboard: | B2? [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Renat Lumpau (RETIRED)
2005-10-24 07:41:11 UTC
In CVS Thx Renat. ppc please test and mark 0.19.3 stable. Stable on ppc. Ready for GLSA vote On the one hand, lots of things fixed. on the other hand, only one stable arch and the fixed things seem to be of a minor character. I tend to say no, but i'm out of training and not sure... File Inclusion Vulnerability and SQL injection are nasties, so this should probably be rated B2/B1, so I vote yes. Agree with Koon, file inclusion vulnerability and sql injection is enough for a glsa. GLSa there will be GLSA 200510-24 1.0.0rc3 addresses this I believe: http://sourceforge.net/project/shownotes.php?release_id=366796&group_id=14963 |