Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Gentoo: GLSA 200611-04 Normal: Bugzilla Cross-Site Scripting Threat

gentoo
Calendar Grey November 9, 2006
Dist Gentoo Esm H88
A series of security flaws identified in Bugzilla necessitate urgent updates for Gentoo users. Take prompt action to reduce potential threats.
Bugzilla is vulnerable to cross-site scripting, script injection, and request forgery.

Summary

Gentoo Linux Security Advisory GLSA 200611-04 https://security.gentoo.org/ Severity: Normal Title: Bugzilla: Multiple Vulnerabilities Date: November 09, 2006 Bugs: #151563 ID: 200611-04

Synopsis ======= Bugzilla is vulnerable to cross-site scripting, script injection, and request forgery.
Background ========= Bugzilla is a bug tracking system used to allow developers to more easily track outstanding bugs in products.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/bugzilla < 2.18.6 >= 2.18.6
========== The vulnerabilities identified in Bugzilla are as follows:
* Frederic Buclin and Gervase Markham discovered that input passed to various fields t...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround