Re: freeze exception -- bugzilla3 3.6.3.0-1

To: debian-release@lists.debian.org
Cc: Moritz Muehlenhoff <jmm@inutil.org>, Julien Cristau <jcristau@debian.org>
Subject: Re: freeze exception -- bugzilla3 3.6.3.0-1
From: Raphael Bossek <bossekr@debian.org>
Date: Mon, 15 Nov 2010 15:32:18 +0100
Message-id: <[🔎] AANLkTin=h2EfSm7X8kAHZieTZ2974Q8iR3bYvGztFm+1@mail.gmail.com>

Bugzilla 3.6.3.0-1 with security fixes pending for unfreeze in
unstable since today.

Greetings,
Raphael

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 15 Nov 2010 10:09:20 +0100
Source: bugzilla
Binary: bugzilla3 bugzilla3-doc
Architecture: source all
Version: 3.6.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Raphael Bossek <bossekr@debian.org>
Changed-By: Raphael Bossek <bossekr@debian.org>
Description:
 bugzilla3  - web-based bug tracking system
 bugzilla3-doc - comprehensive guide to Bugzilla
Closes: 602420
Changes:
 bugzilla (3.6.3.0-1) unstable; urgency=medium
 .
  * New upstream release. Closes: #602420
  * Fixed vulnerability CVE-2010-3172:
    By inserting a certain string into a URL, it was possible
    to inject both headers and content to any browser that
    supported "Server Push" (mostly only Gecko-based browsers
    like Firefox). This could lead to Cross-Site Scripting
    vulnerabilities, and possibly other more dangerous security
    issues as well.
  * Fixed vulnerability CVE-2010-3764:
    The Old Charts system generated graphs with
    predictable names into the "graphs/" directory,
    which also could be browsed to see its contents.
    This allowed unauthorized users to see product
    names and charted information about those
    products over time.
  * Fixed references to YUI components used by language templates.
  * Fixed missing images.
  * Surrpress error messages at installation stage.
Checksums-Sha1:
 d77d70e1ec20b7ac80eabf26d4bf133ced458fba 1162 bugzilla_3.6.3.0-1.dsc
 0b4fa7cff9dd5ce5aaf644bf73c4bd2946e79dd1 4438817 bugzilla_3.6.3.0.orig.tar.gz
 3856d2b2a7e63979adce26453caece156b9ec8d0 99404 bugzilla_3.6.3.0-1.debian.tar.gz
 2db2cfe7e85e0885c3f9affd41738a14524520ff 3043686 bugzilla3_3.6.3.0-1_all.deb
 481a345d3ae43971148f35d7dcd8fea6b294d853 1418858
bugzilla3-doc_3.6.3.0-1_all.deb
Checksums-Sha256:
 d7f068cc9dceba80d42a71c13ef6de8414678aa690c1055d5a07c3908c5dbd62 1162
bugzilla_3.6.3.0-1.dsc
 85bf47de333b51e08223ac4a09529abd11e4a649c06ab9a10b5b02edc60817c4
4438817 bugzilla_3.6.3.0.orig.tar.gz
 b3b921a2c05c3393fc5a766262c89dc206754429dd1e0d6a24e5f5d3cc269e56
99404 bugzilla_3.6.3.0-1.debian.tar.gz
 d796eb7086de85ae42a20898c4799d376cc86dc4bffe27d5a9b6164114c9330e
3043686 bugzilla3_3.6.3.0-1_all.deb
 cb75ad3bd91333590fcda13e9e09cfc4ae0b8ba0145bbaca1b80d0e92434700a
1418858 bugzilla3-doc_3.6.3.0-1_all.deb
Files:
 bf631a0414a165adc549bce46b96cd39 1162 web optional bugzilla_3.6.3.0-1.dsc
 f40946783c7ba2eeef36f1e3ab6c67ae 4438817 web optional
bugzilla_3.6.3.0.orig.tar.gz
 47b5112962d0cc5ce1246946d0ad395b 99404 web optional
bugzilla_3.6.3.0-1.debian.tar.gz
 580d2c90c93cfbbf3ed1881cd1ab4f0f 3043686 web optional
bugzilla3_3.6.3.0-1_all.deb
 7e1905f851cb72a2a7a95680f103d068 1418858 doc optional
bugzilla3-doc_3.6.3.0-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFM4PnaN2lBq4Nesv8RAgy6AKCL7ViHGRKX11c8s2J8T+xqLrLTsQCeJuJr
/szVc938tepPiMoDOdC3s2I=
=FmTk
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: freeze exception -- bugzilla3 3.6.3.0-1
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Re: Bug#603568: RM: fcitx/oldstable -- ROM; not dfsg free
Next by Date: Bug#583738: Info received (Bug#575798: Bug#584942: by the way)
Previous by thread: Re: Bug#603568: RM: fcitx/oldstable -- ROM; not dfsg free
Next by thread: Re: freeze exception -- bugzilla3 3.6.3.0-1
Index(es):
- Date
- Thread