Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 139467 - www-apps/trac: 0.9.6 fixes breach of privacy and denial of service vulnerability
Summary: www-apps/trac: 0.9.6 fixes breach of privacy and denial of service vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor
Assignee: Gentoo Security
URL: http://projects.edgewall.com/trac/wik...
Whiteboard: B3 [noglsa] Falco
Keywords:
: 139807 144872 (view as bug list)
Depends on:
Blocks:
 
Reported: 2006-07-06 12:04 UTC by Mikhail Markin
Modified: 2010-04-30 17:26 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Markin 2006-07-06 12:04:11 UTC 
Hello. Trac 0.9.6 has been released. This is a security fix release: http://projects.edgewall.com/trac/wiki/TracDownload . Please bump the www-aps/trac ebuild to 0.9.6.

Thanks

Mikhail
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-07-06 15:23:59 UTC 
Hi Dju, trac before 0.9.6 contains security vulnerabilities.
Can you provide a new ebuild please ?


http://projects.edgewall.com/trac/wiki/ChangeLog :
    * Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann.
    * trac-post-commit-hook fixes.
    * Fixed bugs: #2894, #3058, #3209 #3325.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-07-09 14:05:07 UTC 
*** Bug 139807 has been marked as a duplicate of this bug. ***
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-07-09 14:05:54 UTC 
Arches please test and mark stable.
Comment 4 Tobias Scherbaum (RETIRED) gentoo-dev 2006-07-10 12:19:12 UTC 
ppc stable
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2006-07-12 15:38:44 UTC 
Tested on x86. Works without a problem. Should be marked as stable.
Comment 6 Joshua Jackson (RETIRED) gentoo-dev 2006-07-13 11:19:42 UTC 
poof x86 is gone ^.^
Comment 7 Mikhail Markin 2006-07-14 09:59:18 UTC 
Tested on AMD64. Works fine.
Comment 8 Thierry Carrez (RETIRED) gentoo-dev 2006-08-23 12:06:53 UTC 
*** Bug 144872 has been marked as a duplicate of this bug. ***