[Bug 131560] [Sync request] Sync bugzilla (2.22.1-2.1) from Debian unstable (main)
Michael Bienia
michael at vorlon.ping.de
Fri Aug 10 15:26:03 BST 2007
Public bug reported:
Binary package hint: bugzilla
Please sync bugzilla (2.22.1-2.1) from Debian unstable (main).
The current package has no Ubuntu changes.
Thanks.
Changelog:
bugzilla (2.22.1-2.1) unstable; urgency=high
* Non-maintainer upload with the permission of the maintainer
* Include upstream patch to fix Cross-site scripting (XSS)
vulnerability in Atom, which allows remote attackers to inject
arbitrary web script or HTML via unspecified vectors
(Closes: #409824) Fixes: CVE-2007-0791
-- Steffen Joeris <white at debian.org> Fri, 10 Aug 2007 15:30:29 +0200
** Affects: bugzilla (Ubuntu)
Importance: Low
Status: Confirmed
** Changed in: bugzilla (Ubuntu)
Importance: Undecided => Low
Status: New => Confirmed
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-0791
--
[Sync request] Sync bugzilla (2.22.1-2.1) from Debian unstable (main)
https://bugs.launchpad.net/bugs/131560
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list