[ubuntu/natty-security] mantis 1.1.8+dfsg-10squeeze2build0.11.04.1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Fri Jun 29 15:58:10 UTC 2012
mantis (1.1.8+dfsg-10squeeze2build0.11.04.1) natty-security; urgency=low

  * fake sync from Debian

mantis (1.1.8+dfsg-10squeeze2) stable-security; urgency=high

  * Urgency high: Fixes some CVEs
    - CVE-2011-3578: Added this note as history update.
      This issue was really fixed in '1.1.8+dfsg-10squeeze1' upload
      (via 12-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff patch)
      but there was no CVE ID assigned at that moment, so there are no
      references to it in the changelog. The issue on the Security Tracker
      was manually updated thanks to Thijs Kinkhorst <thijs at debian.org>.
    - CVE-2012-1118: Array value for $g_private_bug_threshold
      configuration option allows bypass of access. (Closes: #669924)
    - CVE-2012-1119: copy/clone bug report action failed to leave an
      audit trail. (Closes: #669928)
    - CVE-2012-1120: Delete_bug_threshold/bugnote_allow_user_edit_delete
      access check bypass. (Closes: #669925)
    - CVE-2012-1121: mantis 1.1.8 is not affected by this issue.
      (Closes: #669926)
    - CVE-2012-1122: Incorrect access checks performed when moving
      bugs between projects. (Closes: #669927)
    - CVE-2012-1123: SOAP API null password authentication bypass
      (Closes: #669930)
    - CVE-2012-2691: Reporters can update notes of other users by using
      SOAP API. This bug does not affect mantis package in squeeze.
      Affected function 'mc_issue_note_update' is not implemented in
      mantis 1.1.8 version.
    - CVE-2012-2692: delete_attachments_threshold not checked on
      attachment deletion. Thanks to David Hicks <d at hx.id.au>
Date: 2012-06-29 12:36:30.547288+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/mantis/1.1.8+dfsg-10squeeze2build0.11.04.1