Processing commands for cont...@bugs.debian.org:
> user release.debian@packages.debian.org
Setting user to release.debian@packages.debian.org (was
jcris...@debian.org).
> usertag 611176 squeeze-can-defer
Bug#611176: bugzilla: CVE-2010-4568 Account compromise vulnerability
There w
user release.debian@packages.debian.org
usertag 611176 squeeze-can-defer
tag 611176 squeeze-ignore
kthxbye
On Wed, Jan 26, 2011 at 12:55:08 +, Jonathan Wiltshire wrote:
> Package: bugzilla
> Version: 3.0.4.1-2+lenny2
> Severity: grave
> Tags: security
> Justification: user security hole
>
Sorry about the unhelpful report body...!
From the Mozilla advisory:
|Class: Account Compromise
|Versions:2.14 to 3.2.9, 3.4.9, 3.6.3, 4.0rc1
|Fixed In:3.2.10, 3.4.10, 3.6.4, 4.0rc2
|Description: It was possible for a user to gain unauthorized access to
| any Bugzilla ac
Package: bugzilla
Version: 3.0.4.1-2+lenny2
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Package: bugzilla
Version: FILLINAFFECTEDVERSION
Severity: FILLINSEVERITY
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Expo
4 matches
Mail list logo
