Branches for Hardy

Name Status Last Modified Last Commit
lp:ubuntu/hardy/bugzilla 2 Mature 2009-07-25 12:50:51 UTC 2009-07-25
7. * Merge from Debian unstable, remaini...

Author: Michael Bienia
Revision Date: 2007-09-01 16:21:54 UTC

* Merge from Debian unstable, remaining changes:
  - debian/rules: Install whine.pl in /usr/share/bugzilla/lib.
  - debian/control: Update maintainer field.

lp:ubuntu/hardy-security/bugzilla bug 2 Mature 2009-07-25 12:53:07 UTC 2009-07-25
8. * SECURITY UPDATE: Directory traversa...

Author: Stefan Lesicnik
Revision Date: 2008-10-11 21:56:21 UTC

* SECURITY UPDATE: Directory traversal vulnerability in importxml.pl in
  Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path
  is enabled, allows remote attackers to read arbitrary files via an
  XML file with a .. (dot dot) in the data element.(LP: #281915)
  - debian/patches/CVE-2008-4437.dpatch: upstream patch with regex
    to remove any leading path data from the filename.
  - CVE-2008-4437

lp:ubuntu/hardy-updates/bugzilla 2 Mature 2009-07-25 12:51:11 UTC 2009-07-25
8. * SECURITY UPDATE: Directory traversa...

Author: Stefan Lesicnik
Revision Date: 2008-10-11 21:56:21 UTC

* SECURITY UPDATE: Directory traversal vulnerability in importxml.pl in
  Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path
  is enabled, allows remote attackers to read arbitrary files via an
  XML file with a .. (dot dot) in the data element.(LP: #281915)
  - debian/patches/CVE-2008-4437.dpatch: upstream patch with regex
    to remove any leading path data from the filename.
  - CVE-2008-4437

13 of 3 results