lp:ubuntu/hardy-updates/bugzilla
- Get this branch:
- bzr branch lp:ubuntu/hardy-updates/bugzilla
Branch merges
Branch information
Recent revisions
- 8. By Stefan Lesicnik
-
* SECURITY UPDATE: Directory traversal vulnerability in importxml.pl in
Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path
is enabled, allows remote attackers to read arbitrary files via an
XML file with a .. (dot dot) in the data element.(LP: #281915)
- debian/patches/ CVE-2008- 4437.dpatch: upstream patch with regex
to remove any leading path data from the filename.
- CVE-2008-4437 - 7. By Michael Bienia
-
* Merge from Debian unstable, remaining changes:
- debian/rules: Install whine.pl in /usr/share/bugzilla/ lib.
- debian/control: Update maintainer field. - 6. By Michele Angrisano <email address hidden>
-
* Merge from Debian unstable, remaining changes:
- debian/rules: Install whine.pl in /usr/share/bugzilla/ lib
- Upate maintainer field in debian/control. - 5. By Barry deFreese
-
* debian/rules: install whine.pl in /usr/share/
bugzilla/ lib
* Closes (LP#: 65682) - 4. By Alexis Sukrieh <email address hidden>
-
* Depends on mysql-client as we provide mysql support with dbconfig-common.
(closes: #398621)
* Urgency set to high to fix the etch RC bug.
* Updated the Bugzilla version (debian minor) in Bugzilla/Config.pm. - 3. By Francesco Paolo Lovergine
-
* NMU 0-days due to serious/important bug solving which prevents
bugzilla entering testing.[ Alexis Sukrieh ]
* Post-inst won't fail anymore when no MySQL server is
available. Added an automatic way of setting up the MySQL server if
/etc/mysql/debian. cnf exists, will read values from it then.
(closes: #250638)
* Using a MySQL user with '-' inside its name won't fail anymore.
(closes unreported bug)
* Better handling on DBI connection errors. When DBI complains about
something, user is not confused anymore by ugly error messages.
(closes: #154249)
* Running checksetup.pl by hand won't break the Bugzilla's installation
anymore. User can use it as he want without running dpkg-reconfigure.
(closes: #200707)[ Francesco P. Lovergine ]
* Now rules removes .cvsignore file which trashes /usr/share/
bugzilla/ template.
* Added virtual package httpd to the list of web server.
(closes: #213784) - 2. By Rémi Perrot <email address hidden>
-
Duplicate table creation is now also fixed in bugzilla.postinst
(closes: #224288)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/bugzilla