notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
non port: devel/bugzilla3/pkg-plist

Number of commits found: 3

Saturday, 28 Jul 2012
16:25 ohauer search for other commits by this committer
- pkgng: cosmetic fix against lstat messages
Original commit
Saturday, 21 Apr 2012
17:37 ohauer search for other commits by this committer
- security update to bugzilla 3.0.9 and 4.0.6
- update russian/bugzilla3-ru template
- patch german templates so revision match and no warning is displayed
- add vuxml entry

Approved by:    skv (implicit)
Original commit
Thursday, 5 Jan 2012
17:25 ohauer search for other commits by this committer
- update to version 3.6.7
- CVE-2011-3657
- CVE-2011-3667


The following security issues have been discovered in Bugzilla:

* When viewing tabular or graphical reports as well as new charts,
  an XSS vulnerability is possible in debug mode.

* The User.offer_account_by_email WebService method lets you create
  a new user account even if the active authentication method forbids
  users to create an account.

* A CSRF vulnerability in post_bug.cgi and in attachment.cgi could
  lead to the creation of unwanted bug reports and attachments.

All affected installations are encouraged to upgrade as soon as possible.

Full Release Notes:

Approved by:    skv@ (explicit)
Original commit

Number of commits found: 3