Summary: | <www-apps/bugzilla-{4.4.12,5.0.3}: Cross-Site Scripting (CVE-2016-2803) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Michael Weber (RETIRED) <xmw> |
Component: | Current packages | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | craig, proxy-maint, web-apps, xmw |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Weber (RETIRED)
2016-05-16 20:37:20 UTC
4.4.11 and 5.0.2 Security Advisory https://www.bugzilla.org/security/4.4.11/ Downloads are available at https://www.bugzilla.org/download/ The version bumps are now in the tree as unstable. Old versions remaining as they are marked as stable. Proxy Maintainers - Can we pull in the bump please. Arches please stabilize: =www-apps/bugzilla-4.4.12 Stable targets: amd64 x86 =www-apps/bugzilla-5.0.3 Stable targets: amd64 x86 amd64 stable Added to an existing GLSA. x86 stable. Maintainer(s), please cleanup. This issue was resolved and addressed in GLSA 201607-11 at https://security.gentoo.org/glsa/201607-11 by GLSA coordinator Aaron Bauman (b-man). @maintainer(s), re-opening for cleanup. Maintainer(s), please drop the vulnerable version(s). Versions: 4.4.11, 5.0.2 tree is clean |