[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted bugzilla 3.6.2.0-4.5 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 07 Jan 2012 14:16:43 +0000
Source: bugzilla
Binary: bugzilla3 bugzilla3-doc
Architecture: source all
Version: 3.6.2.0-4.5
Distribution: stable
Urgency: low
Maintainer: Raphael Bossek <bossekr@debian.org>
Changed-By: Jonathan Wiltshire <jmw@debian.org>
Description: 
 bugzilla3  - web-based bug tracking system
 bugzilla3-doc - comprehensive guide to Bugzilla
Changes: 
 bugzilla (3.6.2.0-4.5) stable; urgency=low
 .
   * Non-maintainer upload.
   * Add security patches:
     - 87_cve-2011-3657.sh
       Tabular and graphical reports, as well as new charts have
       a debug mode which displays raw data as plain text. This
       text is not correctly escaped and a crafted URL could
       use this vulnerability to inject code leading to XSS.
     - 88_cve-2011-3667.sh
       The User.offer_account_by_email WebService method ignores
       the user_can_create_account setting of the authentication
       method and generates an email with a token in it which the
       user can use to create an account. Depending on the
       authentication method being active, this could allow the
       user to log in using this account.
       Installations where the createemailregexp parameter is
       empty are not vulnerable to this issue.
Checksums-Sha1: 
 b59596b9b420f0546ea265780aa0cf845a2dfadc 1819 bugzilla_3.6.2.0-4.5.dsc
 eb5ca6000dea3f8cd3542b04220d2ca00513cd1a 112032 bugzilla_3.6.2.0-4.5.debian.tar.gz
 6d530807bd1fbcbbdab0d1ff94e64e80f62e13dc 2782424 bugzilla3_3.6.2.0-4.5_all.deb
 abd8de7aa406b24799968909b26a992a3fd97cfc 1417068 bugzilla3-doc_3.6.2.0-4.5_all.deb
Checksums-Sha256: 
 d7bc9429d82706246a4936a2602193663710f29860b7caeea7047d2a8fac9ac1 1819 bugzilla_3.6.2.0-4.5.dsc
 c07c6c335d43268ce63aeb2bad84496b7054723f308a834c1316295b66588d8a 112032 bugzilla_3.6.2.0-4.5.debian.tar.gz
 3cc31f9f6326398b1cbbb042e713e2dace2a31d2609613a7ac61112ab629d8d4 2782424 bugzilla3_3.6.2.0-4.5_all.deb
 fc8dab2e294b0d148fd9f497e2775d37efe9d32156c3177cc71d567b91c4d71f 1417068 bugzilla3-doc_3.6.2.0-4.5_all.deb
Files: 
 9d08ad2b8e0a4e4635c9132b22e235af 1819 web optional bugzilla_3.6.2.0-4.5.dsc
 07bedf25b0eeaa0623623eccc1ddc14a 112032 web optional bugzilla_3.6.2.0-4.5.debian.tar.gz
 00017e63c02294e37b52ae380625aba5 2782424 web optional bugzilla3_3.6.2.0-4.5_all.deb
 0e25a21aafc4dd4a4335524438d0ed24 1417068 doc optional bugzilla3-doc_3.6.2.0-4.5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJPHKBLAAoJEFOUR53TUkxRaHUP/iCDpQltvogQo2T7T5skleu6
MO0dhXJb7vkqhF1nRwwEew+6dRASesdMDPt9Lkm5KNU9EJ5u3kCaPqR5QKZJlOW2
Lb3Mn83sNZQNWUpEYChlCjxrsHYn+GZsbfLUZDly2VLm1JdHJtEusIhoVixxKgZv
BbnVYAMrodGRacSdRMlZzFTxkTLND2KbKN50zWuNqYEXRRuRGJmNA/wuQK7j9lW7
G3B1rDcyLpr6qf6Mf99dHDJ9YZjV133Z1DQNpiJtuoMT8uQm4k7W8ntvmg1wBy/P
avY7JGnLrfsR76nBUqOSTg2bLt1hABFi/y9oK4J75zWp5DPYh10ooDFy922joHJj
NFerXV05ZjzJ46frC131Qycu3HngBB9TtNinVC/Z699gQog9AznyQbWD2cqtWbzg
SAD0WY7ioVE7FC6ivBlQe1Zjfs7Mg1RDHTS3Gcs3qxYpw4NKWubelme6ZEc1U6q/
M/sTAPVmmXOYbddKPL5SddDXyD0y/wsAPYbr94n3/SjCfktfHWHc+ufAOgw+6A3p
VobT9sYIZde94SNAhd2BlJU60yLH8TDqISzqucSXaRWuCIL/zHzE+YTLUdz3Ywy7
kcvDKqVMW54xSa++nULbg9W+ndnEQ/8+9VWiTvZqBlmDrCxYy+RZmUaCZKD1U12B
MiYY/KLY8DFNioUM4Lfb
=Sxzj
-----END PGP SIGNATURE-----


Accepted:
bugzilla3-doc_3.6.2.0-4.5_all.deb
  to main/b/bugzilla/bugzilla3-doc_3.6.2.0-4.5_all.deb
bugzilla3_3.6.2.0-4.5_all.deb
  to main/b/bugzilla/bugzilla3_3.6.2.0-4.5_all.deb
bugzilla_3.6.2.0-4.5.debian.tar.gz
  to main/b/bugzilla/bugzilla_3.6.2.0-4.5.debian.tar.gz
bugzilla_3.6.2.0-4.5.dsc
  to main/b/bugzilla/bugzilla_3.6.2.0-4.5.dsc


Reply to: