Accepted bugzilla 2.18.4-1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 3 Oct 2005 16:51:01 +0200
Source: bugzilla
Binary: bugzilla bugzilla-doc
Architecture: source all
Version: 2.18.4-1
Distribution: unstable
Urgency: high
Maintainer: Alexis Sukrieh <sukria@sukria.net>
Changed-By: Alexis Sukrieh <sukria@sukria.net>
Description:
bugzilla - web-based bug tracking system
bugzilla-doc - comprehensive guide to Bugzilla
Closes: 331206
Changes:
bugzilla (2.18.4-1) unstable; urgency=high
.
* New upstream minor release
+ Fixed a security issue: It was possible to bypass the "user
visibility groups" restrictions if user-matching was turned on
in "substring" mode.
+ Fixed a security issue: config.cgi exposed information to users who
weren't logged in, even when "requirelogin" was turned on in Bugzilla.
(closes: #331206)
Files:
de9aaf36e4604b9c9a1db628d0b9a120 668 web optional bugzilla_2.18.4-1.dsc
b181cef2ed8bbc7bc277c5fa7ebebbe7 1640300 web optional bugzilla_2.18.4.orig.tar.gz
f34f7bc99646c8d60c9df4aba72c28d4 69174 web optional bugzilla_2.18.4-1.diff.gz
4619b68c27fecde00d71d47988d1ef9f 616198 web optional bugzilla_2.18.4-1_all.deb
2a3a8f71b63400abe460cfa103a54fcc 578586 doc optional bugzilla-doc_2.18.4-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDQUpypFNRmenyx0cRAreEAKC/M8gs68LVauC2ycFkB/AgYCIcjwCfZQhr
Nhappya0QOwRBhUryJTOlD0=
=kjPo
-----END PGP SIGNATURE-----
Accepted:
bugzilla-doc_2.18.4-1_all.deb
to pool/main/b/bugzilla/bugzilla-doc_2.18.4-1_all.deb
bugzilla_2.18.4-1.diff.gz
to pool/main/b/bugzilla/bugzilla_2.18.4-1.diff.gz
bugzilla_2.18.4-1.dsc
to pool/main/b/bugzilla/bugzilla_2.18.4-1.dsc
bugzilla_2.18.4-1_all.deb
to pool/main/b/bugzilla/bugzilla_2.18.4-1_all.deb
bugzilla_2.18.4.orig.tar.gz
to pool/main/b/bugzilla/bugzilla_2.18.4.orig.tar.gz
Reply to: