Sicherheit: Zwei Probleme in Bugzilla
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in Bugzilla
ID: FEDORA-2015-247b517a18
Distribution: Fedora
Plattformen: Fedora 23
Datum: Do, 7. Januar 2016, 22:00
Referenzen: Keine Angabe
Applikationen: Bugzilla


Name        : bugzilla
Product : Fedora 23
Version : 4.4.11
Release : 1.fc23
URL : http://www.bugzilla.org/
Summary : Bug tracking system
Description :
Bugzilla is a popular bug tracking system used by multiple open source projects
It requires a database engine installed - either MySQL, PostgreSQL or Oracle.
Without one of these database engines (local or remote), Bugzilla will not work
- see the Release Notes for details.

Update Information:

The following security issues have been discovered in Bugzilla: * Unfiltered
HTML injected into a dependency graph could be used to create a cross-site
scripting attack. * Some web browsers incorrectly parse CSV files as valid
JavaScript code which could lead to data leak. This updates fixes these flaws.

This update can be installed with the "yum" update program. Use
su -c 'yum update bugzilla' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Neue Nachrichten