Zwei Probleme in Bugzilla
ID: | FEDORA-2015-247b517a18 |
Distribution: | Fedora |
Plattformen: | Fedora 23 |
Datum: | Do, 7. Januar 2016, 22:00 |
Referenzen: | Keine Angabe |
Applikationen: | Bugzilla |
Originalnachricht |
|
Name : bugzilla Product : Fedora 23 Version : 4.4.11 Release : 1.fc23 URL : http://www.bugzilla.org/ Summary : Bug tracking system Description : Bugzilla is a popular bug tracking system used by multiple open source projects It requires a database engine installed - either MySQL, PostgreSQL or Oracle. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. -------------------------------------------------------------------------------- Update Information: The following security issues have been discovered in Bugzilla: * Unfiltered HTML injected into a dependency graph could be used to create a cross-site scripting attack. * Some web browsers incorrectly parse CSV files as valid JavaScript code which could lead to data leak. This updates fixes these flaws. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update bugzilla' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |