Bug 606854 - Security advisory for Bugzilla 4.0rc1, 3.6.3, 3.4.9 and 3.2.9
Status: RESOLVED FIXED (opened 14 years ago, closed 14 years ago)
Product/Component: Bugzilla :: Bugzilla-General (defect)
Target Milestone: Bugzilla 3.2
Reporter: LpSolit, Assigned: mkanat
Attachments: 1 file, 1 obsolete file

Description
Three security bugs will be ready for our next releases. Bug 419014 has pending reviews, but only for backports, so I should get reviews pretty quickly.
Comment 1 (Reporter) • 14 years ago
Bug 419014 just got r+ for all the backports, so all security bugs are ready for checkin.
Comment 2 (Assignee) • 14 years ago

Updated • 14 years ago
Attachment #487275 - Attachment is patch: false
Comment 3 (Reporter) • 14 years ago
Comment on attachment 487275 [details]
Sec Adv, v1

>* It was possible to see graphs from Old Charts even if you did not
> have access to a particular product, and you could browse a
> a particular URL to see all product names.

"a" is duplicated (a a particular URL).

>Class: HTTP Response Splitting
>Versions: Every Version Before 3.2.9, 3.4.9, 3.6.3, 4.0rc1
> (including unreleased 1.x versions of Bugzilla).

I agree that all versions of Bugzilla are affected, as it used the hardcoded string "ThisRandomString" in version 1.1 of buglist.cgi, but I don't remember us ever mentioning Bugzilla 1.x in any security advisory. IMO, it doesn't make sense to mention something which has never been released. I would drop the sentence in parentheses (it looks more like archaeological news than something useful).

>Description: The Old Charts system generated graphs with
> predictable names into the "graphs/" directory,
> which also could be browsed to see its contents.

So what? I think the bug summary was giving more details than this description here. You should mention that it could disclose product names.

>Description: YUI 2.8.1 was vulnerable to a Cross-Site Scripting
> vulnerability in certain .swf files. The YUI shipped
> with Bugzilla has been updated to 2.8.2.
>References: https://bugzilla.mozilla.org/show_bug.cgi?id=606618
> http://secunia.com/advisories/41955

You should list the YUI Security Bulletin from Yahoo!, which is the original security advisory for this XSS vulnerability: http://yuilibrary.com/support/2.8.2/

Otherwise looks good.
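An added illustration, not taken from this bug or from Bugzilla's own code, of why a fixed string like "ThisRandomString" amounts to HTTP response splitting. It assumes the string served as the boundary of a multipart/x-mixed-replace (server-push) response, which this page does not state; the emitter, the untrusted `title` parameter, the attacker payload and the parsed stream are all constructed here for the example.

```python
"""Added example: a predictable multipart boundary lets untrusted input that is
echoed into one part close it and open a new part with attacker-chosen headers.
Constructed for this page; not Bugzilla code. The 'title' parameter, the payload
and the server-push emitter are hypothetical."""
import secrets

# A fixed boundary of the kind Comment 3 mentions.
HARDCODED_BOUNDARY = "ThisRandomString"


def build_server_push(parts, boundary):
    """Assemble a multipart/x-mixed-replace body from (content_type, body) pairs.
    Deliberately does no checking: this is the shape of emitter being discussed."""
    out = []
    for ctype, body in parts:
        out.append(f"--{boundary}\r\nContent-Type: {ctype}\r\n\r\n{body}\r\n")
    out.append(f"--{boundary}--\r\n")
    return "".join(out)


def parse_parts(stream, boundary):
    """Split the stream the way a client would; returns a list of (headers, body)."""
    delim = "--" + boundary
    parts = []
    for chunk in stream.split(delim)[1:]:
        if chunk.startswith("--"):
            break                      # closing delimiter
        if chunk.startswith("\r\n"):
            chunk = chunk[2:]
        head, _, body = chunk.partition("\r\n\r\n")
        headers = dict(line.split(": ", 1) for line in head.split("\r\n") if ": " in line)
        parts.append((headers, body.rstrip("\r\n")))
    return parts


def render_search_progress(title, boundary):
    """A 'please wait' part followed by a results part. 'title' comes from the
    query string (untrusted) and lands in a text/plain part, so it is not HTML-escaped."""
    parts = [
        ("text/plain", f"Please wait while your query '{title}' runs..."),
        ("text/html", "<html><body>No bugs found.</body></html>"),
    ]
    return build_server_push(parts, boundary)


# Constructed attacker input: ends the current part and starts a text/html part.
# It only works because the attacker knows the boundary in advance.
PAYLOAD = ("x\r\n--" + HARDCODED_BOUNDARY
           + "\r\nContent-Type: text/html\r\n\r\n<script>alert(document.cookie)</script>")


def attack_with_hardcoded_boundary():
    """Returns the parts a client sees when the boundary is the fixed string."""
    stream = render_search_progress(PAYLOAD, HARDCODED_BOUNDARY)
    return parse_parts(stream, HARDCODED_BOUNDARY)


def fresh_boundary():
    """Per-response boundary from the OS CSPRNG (128 bits); unguessable by the attacker."""
    return secrets.token_hex(16)


def attack_with_random_boundary():
    """Same payload against a per-response random boundary: it stays inert text."""
    boundary = fresh_boundary()
    stream = render_search_progress(PAYLOAD, boundary)
    return parse_parts(stream, boundary)


def body_is_safe_for_boundary(body, boundary):
    """Belt-and-braces check for a hardened emitter: a part body must never
    contain the delimiter, whatever the boundary's provenance."""
    return ("--" + boundary) not in body


if __name__ == "__main__":
    split = attack_with_hardcoded_boundary()
    print(len(split), "parts with the fixed boundary; injected part is",
          split[1][0]["Content-Type"], repr(split[1][1]))
    intact = attack_with_random_boundary()
    print(len(intact), "parts with a random boundary; the payload stays plain text")
```

With the fixed boundary the client sees three parts, the middle one carrying the attacker's `Content-Type: text/html` header and script, which in a browser replaces the previous part; with `secrets.token_hex` the identical input is one text/plain part. Generating the boundary per response is the fix; `body_is_safe_for_boundary` is the extra check a hardened emitter should make before writing a part.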
Comment 4 (Assignee) • 14 years ago
Okay, I fixed all your points.
Attachment #487275 - Attachment is obsolete: true
Attachment #487739 - Flags: review?(LpSolit)
Attachment #487275 - Flags: review?(LpSolit)
Comment 5 (Reporter) • 14 years ago
Comment on attachment 487739 [details]
v2
thanks! r=LpSolit
Attachment #487739 - Flags: review?(LpSolit) → review+
Comment 6 (Assignee) • 14 years ago
Advisory sent.
Group: bugzilla-security
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED