Stay Secure with the Latest Linux Advisories

security advisoryBugzillasecurity issue

Fedora 10 3.2.4 Security Advisory: Unauthorized Bug Change Fix

New upstream version fixing Unauthorized Bug Change flaw: https://www.bugzilla.org/security/3.2.3/ https://bugzilla.mozilla.org/show_bug.cgi?id=495257. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-7669 2009-07-15 20:00:29 -------------------------------------------------------------------------------- Name : bugzilla Product : Fedora 10 Version : 3.2.4 Release : 1.fc10 URL : https://www.bugzilla.org/ Summary : Bug tracking system Description : Bugzilla is a popular bug tracking system used by multiple open source projects It requires a database engine installed - either MySQL, PostgreSQL or Oracle. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. -------------------------------------------------------------------------------- Update Information: New upstream version fixing Unauthorized Bug Change flaw: https://www.bugzilla.org/security/3.2.3/ https://bugzilla.mozilla.org/show_bug.cgi?id=495257 -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2009 Itamar Reis Peixoto - 3.2.4-1 - fix https://bugzilla.mozilla.org/show_bug.cgi?id=495257 * Mon Apr 6 2009 Itamar Reis Peixoto 3.2.3-1 - fix CVE-2009-1213 * Thu Mar 5 2009 Itamar Reis Peixoto 3.2.2-2 - fix from BZ #474250 Comment #16, from Chris Eveleigh --> - add python BR for contrib subpackage - fix description - change Requires perl-SOAP-Lite to perl(SOAP::Lite) according guidelines * Sun Mar 1 2009 Itamar Reis Peixoto 3.2.2-1 - thanks to Chris Eveleigh - for contributing with patches :-) - Upgrade to upstream 3.2.2 to fix multiple security vulns - Removed old perl_requires exclusions, added new ones for RADIUS, Oracle and sanitycheck.cgi - Added Oracle to supported DBs in description (and moved line breaks) - Include a patch to fix max_allowed_packet warnin when using with mysql * Sat Feb 28 2009 Itamar Reis Peixoto 3.0.8-1 - Upgrade to 3.0.8, fix #466077 #438080 - fix macro in changelog rpmlint warning - fix files-attr-not-set rpmlint warning for doc and contrib sub-packages * Mon Feb 23 2009 Fedora Release Engineering - 3.0.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Mon Feb 2 2009 Stepan Kasal - 3.0.4-3 - do not require perl-Email-Simple, it is (no longer) in use - remove several explicit perl-* requires; the automatic dependencies do handle them -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update bugzilla' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Resolving unapproved alteration concerns in Bugzilla 3.2.4 for Fedora 10 promotes enhanced software integrity and performance.. Fedora Bugzilla Update, Unauthorized Change Fix, Software Security Update. . Severity: Important. LinuxSecurity.com Team

Jul 28, 2009 •Important Fedora