Date: Sun, 7 Aug 2011 07:24:25 GMT From: Peter Vereshagin <peter@vereshagin.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/159576: Security Advisory for Bugzilla Versions Prior to 3.6.6, 4.0.2 Message-ID: <201108070724.p777OPPI088121@red.freebsd.org> Resent-Message-ID: <201108070730.p777U9J2096308@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 159576 >Category: ports >Synopsis: Security Advisory for Bugzilla Versions Prior to 3.6.6, 4.0.2 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Aug 07 07:30:08 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Peter Vereshagin >Release: 7.4-stable as of 2011 >Organization: Private >Environment: FreeBSD teh.ost 7.4-STABLE FreeBSD 7.4-STABLE #10: Mon May 2 16:12:55 MSD 2011 usr@teh.ost:/CONF i386 >Description: The following impacts the ports devel/bugzilla and devel/bugzilla3 at least: * Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in "Raw Unified" mode, which could trigger a cross-site scripting attack due to the execution of malicious code in the attachment. * Attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications sent to the requestee or the requester when editing an attachment flag. * If an attacker has access to a user's session, he can modify that user's email address without that user being notified of the change. === References: https://bugzilla.mozilla.org/show_bug.cgi?id=637981 CVE Number: CVE-2011-2379 Class: Information Leak >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201108070724.p777OPPI088121>