Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers two security issues that have recently been
fixed in the Bugzilla code:
+ Some files stored on the web server are not correctly protected
against external
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl,
generated insufficiently random numbers, resulting in all random
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security issues that have recently been
fixed in the Bugzilla code:
* Users without the canconfirm privilege could enter a bug as NEW
or ASSIGNED by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers a critical security issue that has recently been
fixed in the Bugzilla code:
* Even with account creation disabled, users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security issues that have recently been
fixed in the Bugzilla code:
+ A possible cross-site scripting (XSS)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers two security issues that have recently been
fixed in the Bugzilla code:
+ A possible cross-site scripting (XSS)
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers six security issues that have recently been
fixed in the Bugzilla code:
+ Sometimes the information put into the h1 and h2 tags in Bugzilla
was not properly escaped,
Summary
===
Bugzilla is a Web-based bug-tracking system, used by a large number of
software projects.
This advisory covers three security bugs that have recently been
discovered and fixed in the Bugzilla code:
+ The 'whinedays' and 'mostfreqthreshold' parameters are not correctly