In association with heise online

27 August 2007, 13:57

Bugzilla closes security holes


The developers have released new versions of Bugzilla, the widely used open-source system for managing bug reports and tracking their processing status. They have published an advisory explaining which vulnerabilities the new versions remedy.

Arguments that are passed to the mail software by an Email::Send::Sendmail() call are not checked sufficiently, allowing attackers to inject shell commands. Bugzilla also does not properly escape the buildid parameter when filing bugs with the so-called guided form; this could be exploited for cross-site scripting attacks. Time-tracking fields such as deadlines or estimated time can be viewed by anyone through the Bugzilla WebService (XML-RPC), even if the requesting user is not authorised to view these fields.

These vulnerabilities affect versions prior to the current patched versions 2.20.5, 2.22.3, 3.01 and the developer version 3.1.1. The Bugzilla team advises users to update to the new versions immediately.
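The three fixes above correspond to three generic defensive patterns, shown side by side in the following Python. This is an added illustration, not code from Bugzilla (which is written in Perl) or from its advisory: it refuses anything but a plain address before it reaches a sendmail-style program and hands arguments over as an argv list rather than a shell string; it HTML-escapes a form parameter such as buildid before rendering it; and it applies the same field-level authorisation to WebService output that the web UI enforces. The sendmail path, the address pattern, the field names and the `timetrackers` group name are assumptions chosen for the example.

```python
"""Defensive patterns for the three issue classes in the Bugzilla advisory.

Added example, not Bugzilla code. The sendmail path, the address pattern,
the time-tracking field names and the group name are assumptions.
"""
import html
import re
import subprocess
from typing import Dict, Iterable, List

# --- 1. Mail arguments: validate, then pass as argv (no shell) -------------
# Assumed allow-list: first character alphanumeric so an address can never
# be mistaken for a command-line option, and no shell metacharacters at all.
_ADDRESS_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._%+-]*@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
SENDMAIL = "/usr/sbin/sendmail"   # assumed path


def sendmail_argv(sender: str, recipients: Iterable[str]) -> List[str]:
    """Build the argv list for a sendmail-style binary.

    Every address is checked against the allow-list before it is used, so
    characters such as ';', '|' or backticks are rejected outright rather
    than quoted. The result is a list, which lets the caller run it with
    subprocess and shell=False so no shell ever parses the arguments.
    """
    recipients = list(recipients)
    for addr in [sender, *recipients]:
        if not _ADDRESS_RE.fullmatch(addr):
            raise ValueError(f"refusing suspicious address: {addr!r}")
    return [SENDMAIL, "-i", "-f", sender, *recipients]


def send(message: bytes, sender: str, recipients: Iterable[str]) -> int:
    """Deliver a message; returns the sendmail exit status."""
    argv = sendmail_argv(sender, recipients)
    # shell=False is the default: argv elements reach the program verbatim.
    return subprocess.run(argv, input=message, check=False).returncode


# --- 2. Form parameter rendered into HTML: escape on output ---------------
def render_buildid(buildid: str) -> str:
    """Embed a user-supplied parameter in an attribute value safely.

    html.escape with quote=True also converts '"' and "'", which matters
    inside an attribute; without it a value could close the attribute and
    start a new tag.
    """
    return (
        '<input type="hidden" name="buildid" '
        f'value="{html.escape(buildid, quote=True)}">'
    )


# --- 3. Same authorisation on the API path as on the UI path --------------
TIME_TRACKING_FIELDS = {"deadline", "estimated_time", "remaining_time", "actual_time"}


def filter_bug_for_user(bug: Dict[str, object], user_groups: Iterable[str]) -> Dict[str, object]:
    """Strip time-tracking fields unless the caller is in the assumed group.

    The check lives next to the data, so every caller (web UI, XML-RPC,
    anything added later) gets the same answer instead of each front end
    re-implementing the rule.
    """
    if "timetrackers" in set(user_groups):
        return dict(bug)
    return {k: v for k, v in bug.items() if k not in TIME_TRACKING_FIELDS}


if __name__ == "__main__":
    # Constructed sample data.
    print(sendmail_argv("bugs@example.org", ["dev@example.org"]))
    print(render_buildid('2007082701"><b>'))
    sample_bug = {"id": 1, "summary": "crash on save", "deadline": "2007-09-01"}
    print(filter_bug_for_user(sample_bug, []))
    print(filter_bug_for_user(sample_bug, ["timetrackers"]))
```

The common thread is that each check is applied at the boundary where the data changes context (process arguments, HTML, or an API response), not somewhere upstream that a second code path can bypass.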
