Closed Bug 368656 Opened 19 years ago Closed 19 years ago

Security Advisory for release of Bugzilla 2.20.4, 2.22.2, and 2.23.4

Categories

(Bugzilla :: bugzilla.org, defect)

Product:
Bugzilla
Component:
bugzilla.org
Version:
2.20.3
Type:
defect
Priority:
Not set
Severity:
blocker

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: mkanat, Assigned: justdave)

References

Details

Attachments

(1 file, 2 obsolete files)

Draft 2
3.65 KB, text/plain
LpSolit
: review+
Details
We need a security advisory for these releases.
Attached file Draft 1 (obsolete) —
Attachment #253481 - Flags: review?
Attached file Draft 1 take 2 (obsolete) —
Re-uploaded with the correct character set (/me grumbles about BBEdit's defaults)
Attachment #253481 - Attachment is obsolete: true
Attachment #253482 - Flags: review?
Attachment #253481 - Flags: review?
Comment on attachment 253482 [details] Draft 1 take 2 >+ A possible cross-site scripting (XSS) vulnerability in Atom feeds > produced by Bugzilla Nit: missing period at the end of the sentence. >Issue 1 >------- >Class: Cross-Site Scripting >Versions: 2.20 and above 2.20 is not affected. 2.20.1 is. >Credits >======= >Frédéric Buclin >Dave Miller Add bkor and mkanat to the list. We always add reviewers. Else it looks good.
Attachment #253482 - Flags: review? → review-
Attached file Draft 2
Attachment #253482 - Attachment is obsolete: true
Attachment #253574 - Flags: review?
Comment on attachment 253574 [details] Draft 2 r=LpSolit
Attachment #253574 - Flags: review? → review+
Okay, Security Advisory sent to all three lists.
Group: webtools-security
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: