Numerous vulnerabilities in bugzilla
| Package(s): | bugzilla | CVE #(s): | CAN-2002-0804 CAN-2002-0805 CAN-2002-0806 CAN-2002-0807 CAN-2002-0808 CAN-2002-0809 CAN-2002-0810 CAN-2002-0811 CAN-2002-0803 | ||||
| Created: | August 21, 2002 | Updated: | August 21, 2002 | ||||
| Description: | The bugzilla bug tracking system has a long list of security problems which can lead to data disclosure, administrative access, and denial of service attacks. The Red Hat advisory (below) gives the full list. | ||||||
| Alerts: |
| ||||||
Posted Aug 22, 2002 10:30 UTC (Thu)
by gerv (guest, #3376)
[Link]
Note that this advisory is for Bugzilla 2.14.1 and below, and suggests upgrading to Bugzilla 2.14.3. This is a valid course of action; however, you may wish instead to upgrade to or use Bugzilla 2.16, the latest release, which (as well as having none of those security holes) also has many new and useful features, including UI customisability using templates. See bugzilla.org for more info.
Gerv
Numerous vulnerabilities in Bugzilla
(Bugzilla developer)