mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-03 06:04:53 +00:00
Code Issues Releases Activity
1b86903b9d
freebsd-ports/devel/bugzilla3
History
Olli Hauer 03efecffe1 - update to version 3.6.7 
- CVE-2011-3657
- CVE-2011-3667

Summary
=======

The following security issues have been discovered in Bugzilla:

* When viewing tabular or graphical reports as well as new charts,
  an XSS vulnerability is possible in debug mode.

* The User.offer_account_by_email WebService method lets you create
  a new user account even if the active authentication method forbids
  users to create an account.

* A CSRF vulnerability in post_bug.cgi and in attachment.cgi could
  lead to the creation of unwanted bug reports and attachments.

All affected installations are encouraged to upgrade as soon as possible.

Full Release Notes:
http://www.bugzilla.org/security/3.4.12/

Approved by:	skv@ (explicit)
2012-01-05 17:25:28 +00:00
..
files - update to version 3.6.7 2012-01-05 17:25:28 +00:00
distinfo - update to version 3.6.7 2012-01-05 17:25:28 +00:00
Makefile - update to version 3.6.7 2012-01-05 17:25:28 +00:00
Makefile.common
pkg-descr
pkg-plist - update to version 3.6.7 2012-01-05 17:25:28 +00:00