Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 303437

Summary: www-apps/bugzilla 3.0.10, 3.2.5 and 3.4.4 security fixes
Product: Gentoo Security Reporter: Marko Steinberger <marko.steinberger>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: web-apps
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.bugzilla.org/news/#release345
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 303725    
Bug Blocks:    
Attachments:
Description Flags
Patch for bugzilla-3.2.5 none

Description Marko Steinberger 2010-02-04 12:07:45 UTC 
Two information leaks have been fixed. Impact seems to be minor for standard installations.

Fixing this bug should fix a couple of other mostly outdated bugs as well: 
296520, 258738, 239564, 284824, 258592.

Reproducible: Always
Comment 1 Marko Steinberger 2010-02-04 13:28:22 UTC 
Created attachment 218397 [details, diff]
Patch for bugzilla-3.2.5

Trivial version bump for bugzilla 3.2 series. Only minor change within header lines are necessary. Upgrade with webapp-config worked flawlessly.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2010-02-17 15:58:32 UTC 
Don't CC maintainers when you cannot assign bugs, please.
Comment 3 Torsten Veller (RETIRED) gentoo-dev 2010-02-18 08:14:15 UTC 
Superseded by later vulernabilities. See bug #303725.
Comment 4 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-05-31 07:35:04 UTC 
GLSA with bug 239564, bug 258592, bug 264572, bug 284824, bug 303437, and bug 303725.
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-06-04 05:17:39 UTC 
GLSA 201006-19