Login
Newsletter
Werbung

Sicherheit: Mangelnde Prüfung von Zertifikaten in python-bugzilla
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Zertifikaten in python-bugzilla
ID: FEDORA-2013-11419
Distribution: Fedora
Plattformen: Fedora 18
Datum: Mi, 10. Juli 2013, 07:54
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2191
Applikationen: python-bugzilla

Originalnachricht

Name        : python-bugzilla
Product : Fedora 18
Version : 0.9.0
Release : 1.fc18
URL : https://fedorahosted.org/python-bugzilla
Summary : A python library for interacting with Bugzilla
Description :
python-bugzilla is a python library for interacting with bugzilla instances
over XML-RPC. This package also includes the 'bugzilla' command-line
tool
for interacting with bugzilla from shell scripts.

-------------------------------------------------------------------------------
-
Update Information:

* Rebased to version 0.9.0
* bugzilla: modify: add --dependson (Don Zickus)
* bugzilla: new: add --groups option (Paul Frields)
* bugzilla: modify: Allow setting nearly every bug parameter
* NovellBugzilla implementation removed, can't get it to work
* Gracefully handle private bugs (bz #963979)
* Raise error if python-magic is needed (bz #951572)
* CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Jun 19 2013 Cole Robinson <crobinso@redhat.com> - 0.9.0-1
- Rebased to version 0.9.0
- bugzilla: modify: add --dependson (Don Zickus)
- bugzilla: new: add --groups option (Paul Frields)
- bugzilla: modify: Allow setting nearly every bug parameter
- NovellBugzilla implementation removed, can't get it to work
- Gracefully handle private bugs (bz #963979)
- Raise error if python-magic is needed (bz #951572)
- CVE-2013-2191: Add SSL host and cert validation (bz #975961, bz #951594)
* Mon Mar 4 2013 Cole Robinson <crobinso@redhat.com> - 0.8.0-2
- Don't upload scrambled attachments (bz #915318)
* Fri Feb 15 2013 Cole Robinson <crobinso@redhat.com> - 0.8.0-1
- Rebased to version 0.8.0
- Drop most usage of non-upstream RH Bugzilla API
- Test suite improvements, nearly complete code coverage
- Fix all open bug reports and RFEs
* Thu Jan 3 2013 Adam Jackson <ajax@redhat.com> 0.7.0-3
- Make closing bugs work, and allow closing as duplicate.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #951594 - CVE-2013-2191 python-bugzilla: Does not verify Bugzilla
server certificate
https://bugzilla.redhat.com/show_bug.cgi?id=951594
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update python-bugzilla' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung