Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers two security issues that have recently been
fixed in the Bugzilla code:
+ Some files stored on the web server are not correctly protected
against external ac
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl,
generated insufficiently random numbers, resulting in all random
token
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security issues that have recently been
fixed in the Bugzilla code:
* Users without the "canconfirm" privilege could enter a bug as NEW
or ASSIGNED by usi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers a critical security issue that has recently been
fixed in the Bugzilla code:
* Even with account creation disabled, users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security issues that have recently been
fixed in the Bugzilla code:
+ A possible cross-site scripting (XSS) vulnerab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers two security issues that have recently been
fixed in the Bugzilla code:
+ A possible cross-site scripting (XSS) vulnerabil
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers six security issues that have recently been
fixed in the Bugzilla code:
+ Sometimes the information put into the and tags in Bugzilla
was not properly escaped, lead
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security bugs that have recently been
discovered and fixed in the Bugzilla code:
+ The 'whinedays' and 'mostfreqthreshold' parameters are not correctly
validated