Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Fedora 21 Bugzilla Update 4.4.10: Critical Email Validation Fix

fedora
Calendar Grey October 28, 2015
Dist Fedora Esm H88
Essential patch for Bugzilla authentication problem impacts user registration. Upgrade to version 4.4.10 without delay to ensure security.
Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla

Summary

Bugzilla is a popular bug tracking system used by multiple open source projects

It requires a database engine installed - either MySQL, PostgreSQL or Oracle.

Without one of these database engines (local or remote), Bugzilla will not work

- see the Release Notes for details.

Update Information:

Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla. Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected email address. Bugzilla 4.4.10 fixes the issue for the 4.4 branch of Bugzilla.

Change Log

References


[ 1 ] Bug #1262404 - CVE-2015-4499 bugzilla: Email address is not properly validated during registration https://bugzilla.redhat.com/show_bug.cgi?id=1262404

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update bugzilla' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: bugzilla
Product: Fedora 21
Version: 4.4.10
Release: 1.fc21
Summary: Bug tracking system

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.