Closed Bug 425110 Opened 16 years ago Closed 16 years ago

Security Advisory for Bugzilla 3.0.4, 3.1.4, 2.22.4, and 2.20.6

Categories

(Bugzilla :: bugzilla.org, defect)

Product:
Bugzilla
Component:
bugzilla.org
Version:
3.0.3
Type:
defect
Priority:
Not set
Severity:
blocker

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: LpSolit, Assigned: mkanat)

References

Details

Attachments

(1 file, 1 obsolete file)

v2
3.43 KB, text/plain
LpSolit
: review+
Details 
We have fixed two security bugs between 3.x.3 and 3.x.4:

- bug 415471, which only affects Bugzilla 3.1.3, is about WebService.
- bug 419188, which affects Bugzilla 2.23.4 and newer, is about email_in.pl.

Both are not critical, but we still have to write a security advisory mentioning both issues.
Depends on: 425665
Also fixed is bug 425665, which affects all currently supported branches.
Assignee: website → mkanat
Summary: Security Advisory for Bugzilla 3.0.4 and 3.1.4 → Security Advisory for Bugzilla 3.0.4, 3.1.4, 2.22.4, and 2.20.5
Attached file v1 (obsolete) — 
Okay, how does this look to you?
Attachment #319295 - Flags: review?(LpSolit)
Summary: Security Advisory for Bugzilla 3.0.4, 3.1.4, 2.22.4, and 2.20.5 → Security Advisory for Bugzilla 3.0.4, 3.1.4, 2.22.4, and 2.20.6
Attached file v2 
Okay, here it is with fixes based on comments from IRC.
Attachment #319295 - Attachment is obsolete: true
Attachment #319300 - Flags: review?(LpSolit)
Attachment #319295 - Flags: review?(LpSolit)
Comment on attachment 319300 [details]
v2

>This advisory covers two security issues

Not 2 but 3.


>Class:       Unauthorized Bug Change
>Versions:    3.1.2 and higher

3.1.3 only.


r=LpSolit with these two comments fixed.
Attachment #319300 - Flags: review?(LpSolit) → review+
  Okay, security advisory sent.
Group: webtools-security
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: