Ubuntu
bugzilla package

Branches for Warty

Name		Status	Last Modified	Last Commit
lp:ubuntu/warty/bugzilla		1 Development	2009-07-25 12:49:27 UTC 2009-07-25	2. Duplicate table creation is now also ... Author: Rémi Perrot Revision Date: 2004-04-02 01:13:32 UTC Duplicate table creation is now also fixed in bugzilla.postinst (closes: #224288)
lp:ubuntu/warty-security/bugzilla		1 Development	2009-07-25 12:49:35 UTC 2009-07-25	3. * SECURITY UPDATE: multiple vulnerabi... Author: Nafallo Bjälevik Revision Date: 2005-06-14 11:06:00 UTC * SECURITY UPDATE: multiple vulnerabilities * CGI.pl, template/en/default/global/code-error.html.tmpl: - Substitute <, > and & with their HTML alternatives to prevent XSS. - CAN-2004-1061 * editgroups.cgi, editusers.cgi: - Rewrite of the SQL querys for grouphandling to prevent SQL injection. - CAN-2004-0707 * editgroups.cgi, editusers.cgi, editcomponents.cgi, editmilestones, editproducts.cgi, editversions.cgi: - Removed un-needed form value display code to fix an XSS vulnerability. - CAN-2004-0705 * buglist.cgi, duplicates.cgi: - Added a check to see if the user is priviledged to see a hidden product. This prevents an information leak that showed the user all products by visiting duplicates.cgi. Also the check was needed for buglist.cgi. - CAN-2004-0704 * References: http://www.bugzilla.org/security/2.16.5/