In association with heise online

16 October 2006, 14:07

Vulnerabilities closed in Bugzilla

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Six vulnerabilities in all had been found in the popular Bugzilla bug tracking system. They could have allowed attackers to spy on information or conduct cross-site scripting attacks. Administrators might also have been tricked into unintentionally deleting or modifying entries in the database by clicking on manipulated links. The names of files and the deadline for entries could also be viewed.

The developers urgently recommend upgrading to the new versions 2.18.6, 2.20.3 or 2.22.1. Developer versions through 2.23.2 are also vulnerable. The error is removed starting with version 2.23.2, however.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit