[ubuntu/natty-security] mantis 1.1.8+dfsg-10squeeze2build0.11.04.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Fri Jun 29 15:58:10 UTC 2012

mantis (1.1.8+dfsg-10squeeze2build0.11.04.1) natty-security; urgency=low

  * fake sync from Debian

mantis (1.1.8+dfsg-10squeeze2) stable-security; urgency=high

  * Urgency high: Fixes some CVEs
    - CVE-2011-3578: Added this note as a history update.
      This issue was really fixed in the '1.1.8+dfsg-10squeeze1' upload
      (via the 12-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff patch),
      but there was no CVE ID assigned at that moment, so there are no
      references to it in the changelog. The issue on the Security Tracker
      was manually updated thanks to Thijs Kinkhorst <thijs at debian.org>.
    - CVE-2012-1118: Array value for $g_private_bug_threshold
      configuration option allows bypass of access. (Closes: #669924)
    - CVE-2012-1119: copy/clone bug report action failed to leave an
      audit trail. (Closes: #669928)
    - CVE-2012-1120: Delete_bug_threshold/bugnote_allow_user_edit_delete
      access check bypass. (Closes: #669925)
    - CVE-2012-1121: mantis 1.1.8 is not affected by this issue.
      (Closes: #669926)
    - CVE-2012-1122: Incorrect access checks performed when moving
      bugs between projects. (Closes: #669927)
    - CVE-2012-1123: SOAP API null password authentication bypass
      (Closes: #669930)
    - CVE-2012-2691: Reporters can update notes of other users by using
      the SOAP API. This bug does not affect the mantis package in squeeze.
      The affected function 'mc_issue_note_update' is not implemented in
      mantis version 1.1.8.
    - CVE-2012-2692: delete_attachments_threshold not checked on
      attachment deletion. Thanks to David Hicks <d at hx.id.au>.

Date: 2012-06-29 12:36:30.547288+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
