Date: Tue, 8 Jan 2002 03:07:43 -0800 (PST) From: Alexey Zelkin <phantom@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/devel/bugzilla Makefile Message-ID: <200201081107.g08B7hY02265@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
phantom 2002/01/08 03:07:43 PST Modified files: devel/bugzilla Makefile Log: * FORCED COMMIT SINCE PREVIOUS COMMIT WAS FAILED IN MIDDLE AND * MAIL NOTIFICATION WASN'T SEND Update to 2.14.1 (security update). Upgrade to all users highly recomended! From Security Advisory for Bugzilla: : *** SECURITY ISSUES RESOLVED *** : : - Multiple instances of user-account hijacking capability were fixed (Bugs : 54901, 108385, 185516) : : - Two occurrences of allowing data protected by Bugzilla's groupset : restrictions to be visible to users outside of those groups were fixes : (Bugs 102141, 108821) : : - One instance of an untrusted variable being echoed back to a user via : HTML was fixed (Bug 98146) : : - Multiple instances of untrusted variables being passed to SQL queries : were fixed (Bugs 108812, 108822, 109679, 109690) Revision Changes Path 1.7 +0 -0 ports/devel/bugzilla/Makefile To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201081107.g08B7hY02265>