Date: Tue, 8 Jan 2002 03:07:43 -0800 (PST) From: Alexey Zelkin <phantom@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/devel/bugzilla Makefile Message-ID: <200201081107.g08B7hY02265@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
phantom 2002/01/08 03:07:43 PST
Modified files:
devel/bugzilla Makefile
Log:
* FORCED COMMIT SINCE PREVIOUS COMMIT WAS FAILED IN MIDDLE AND
* MAIL NOTIFICATION WASN'T SEND
Update to 2.14.1 (security update). Upgrade to all users highly
recomended!
From Security Advisory for Bugzilla:
: *** SECURITY ISSUES RESOLVED ***
:
: - Multiple instances of user-account hijacking capability were fixed (Bugs
: 54901, 108385, 185516)
:
: - Two occurrences of allowing data protected by Bugzilla's groupset
: restrictions to be visible to users outside of those groups were fixes
: (Bugs 102141, 108821)
:
: - One instance of an untrusted variable being echoed back to a user via
: HTML was fixed (Bug 98146)
:
: - Multiple instances of untrusted variables being passed to SQL queries
: were fixed (Bugs 108812, 108822, 109679, 109690)
Revision Changes Path
1.7 +0 -0 ports/devel/bugzilla/Makefile
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201081107.g08B7hY02265>