LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for August 28, 2008

Fedora, Red Hat, and distributor security

LWN.net Weekly Edition for August 21, 2008

Standards, the kernel, and Postfix

In defense of Ubuntu

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Numerous vulnerabilities in bugzilla

Package(s):bugzilla CVE #(s):CAN-2002-0804 CAN-2002-0805 CAN-2002-0806 CAN-2002-0807 CAN-2002-0808 CAN-2002-0809 CAN-2002-0810 CAN-2002-0811 CAN-2002-0803
Created:August 21, 2002 Updated:August 21, 2002
Description: The bugzilla bug tracking system has a long list of security problems which can lead to data disclosure, administrative access, and denial of service attacks. The Red Hat advisory (below) gives the full list.
Alerts:
Red Hat RHSA-2002:109-07 2002-08-20
(Log in to post comments)

Numerous vulnerabilities in Bugzilla

Posted Aug 22, 2002 10:30 UTC (Thu) by gerv (subscriber, #3376) [Link]

Note that this advisory is for Bugzilla 2.14.1 and below, and suggests upgrading to Bugzilla 2.14.3. This is a valid course of action; however, you may wish instead to upgrade to or use Bugzilla 2.16, the latest release, which (as well as having none of those security holes) also has many new and useful features, including UI customisability using templates. See bugzilla.org for more info.

Gerv
(Bugzilla developer)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds