FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Fri, 27 Jul 2012
[ 21:34:05 ohauer ] Original commit 
bugzilla devel  Deleted files touched by this commit  This port version is marked as vulnerable. Bug-tracking system developed by Mozilla Project
bugzilla3 devel  Deleted Deprecated Expired files touched by this commit  An older version of this port was marked as vulnerable. Bug-tracking system developed by Mozilla Project
bugzilla42 devel  Deleted Forbidden Expired Ignore files touched by this commit  This port version is marked as vulnerable. Bug-tracking system developed by Mozilla Project
vuxml security files touched by this commit Vulnerability and eXposure Markup Language DTD
- security update bugzilla
  new Versions: 3.6.10, 4.0.7, 4.2.2

  4.2.2

  This release fixes two security issues. See the Security Advisory for details.

  In addition, the following important fixes/changes have been made in this
release:

  o A regression introduced in Bugzilla 4.0 caused some login names to be
ignored
    when entered in the CC list of bugs. (Bug 756314)
  o Some queries could trigger an invalid SQL query if strings entered by the
user
    contained leading or trailing whitespaces. (Bug 760075)
  o The auto-completion form for keywords no longer automatically selects the
    first keyword in the list when the field is empty. (Bug 764517)
  o A regression in Bugzilla 4.2 prevented classifications from being used in
    graphical and tabular reports in the "Multiple Tables" field. (Bug 753688)
  o Attachments created by the email_in.pl script were associated to the wrong
    comment. (Bug 762785)
  o Very long dependency lists can now be viewed correctly. (Bug 762783)
  o Keywords are now correctly escaped in the auto-completion form to prevent
any
    XSS abuse. (Bug 754561)
  o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused
    the "Un-forget the search" link to not work correctly anymore when restoring
a
    deleted saved search, because this link was lacking a valid token. (Bug
768870)
  o Two minor CSRF vulnerabilities have been fixed which could let an attacker
    alter your default search criteria in the Advanced Search page. (Bugs 754672
    and 754673)

  4.0.7

  This release fixes one security issue. See the Security Advisory for details.

  In addition, the following bugs have been fixed in this release:

  o A regression introduced in Bugzilla 4.0 caused some login names to be
ignored
    when entered in the CC list of bugs. (Bug 756314)
  o Keywords are now correctly escaped in the auto-complete form to prevent any
    XSS abuse. (Bug 754561)
  o A regression introduced in Bugzilla 4.0rc2 when fixing CVE-2011-0046 caused
    the "Un-forget the search" link to not work correctly anymore when restoring
a
    deleted saved search, because this link was lacking a valid token. (Bug
768870)

  3.6.10

  This release fixes one security issue. See the Security Advisory for details.
  http://www.bugzilla.org/security/3.6.9/

Approved by:	implicit skv@ (bugzilla / bugzilla3)
Security:	CVE-2012-1968
		CVE-2012-1969
		https://bugzilla.mozilla.org/show_bug.cgi?id=777398
		https://bugzilla.mozilla.org/show_bug.cgi?id=777586
		vid=58253655-d82c-11e1-907c-20cf30e32f6d

Number of ports [& non-ports] in this commit: 4

Showing files for just one port: devel/bugzilla

show all files

hide all files


6 files found
ActionRevisionLinksFile
modify 301625 View diff View revision /ports/head/devel/bugzilla/Makefile
modify 301625 View diff View revision /ports/head/devel/bugzilla/distinfo
modify 301625 View diff View revision /ports/head/devel/bugzilla3/Makefile
modify 301625 View diff View revision /ports/head/devel/bugzilla3/distinfo
modify 301625 View diff View revision /ports/head/devel/bugzilla42/Makefile
modify 301625 View diff View revision /ports/head/devel/bugzilla42/distinfo
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
phpmyadminSep 13
ossec-hids-clientSep 11
ossec-hids-localSep 11
ossec-hids-serverSep 11
chromiumSep 09
trafficserverSep 05
apache22*Sep 03
apache22-event-mpm*Sep 03
apache22-itk-mpm*Sep 03
apache22-peruser-mpm*Sep 03
apache22-worker-mpm*Sep 03
chromiumAug 26
fileAug 21
py-djangoAug 21
py-django-develAug 21

5 vulnerabilities affecting 12 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24092
Broken 121
Deprecated 93
Ignore 386
Forbidden 17
Restricted 205
No CDROM 94
Vulnerable 21
Expired 7
Set to expire 88
Interactive 0
new 24 hours 0
new 48 hours6
new 7 days50
new fortnight137
new month246


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.