Two information leaks have been fixed. Impact seems to be minor for standard installations. Fixing this bug should fix a couple of other mostly outdated bugs as well: 296520, 258738, 239564, 284824, 258592. Reproducible: Always
Created attachment 218397 [details, diff] Patch for bugzilla-3.2.5 Trivial version bump for bugzilla 3.2 series. Only minor change within header lines are necessary. Upgrade with webapp-config worked flawlessly.
Don't CC maintainers when you cannot assign bugs, please.
Superseded by later vulernabilities. See bug #303725.
GLSA with bug 239564, bug 258592, bug 264572, bug 284824, bug 303437, and bug 303725.
GLSA 201006-19