
- bugzilla security updates to version(s)

  3.6.11, 4.0.8, 4.2.4

Summary
=======

The following security issues have been discovered in Bugzilla:

* Confidential product and component names can be disclosed to
  unauthorized users if they are used to control the visibility of
  a custom field.

* When calling the 'User.get' WebService method with a 'groups'
  argument, it is possible to check if the given group names exist
  or not.

* Due to incorrectly filtered field values in tabular reports, it is
  possible to inject code which can lead to XSS.

* When trying to mark an attachment in a bug you cannot see as
  obsolete, the description of the attachment is disclosed in the
  error message.

* A vulnerability in swfstore.swf from YUI2 can lead to XSS.

Feature safe: yes

Security:	CVE-2012-4199
		https://bugzilla.mozilla.org/show_bug.cgi?id=731178

		CVE-2012-4198
		https://bugzilla.mozilla.org/show_bug.cgi?id=781850

		CVE-2012-4189
		https://bugzilla.mozilla.org/show_bug.cgi?id=790296

		CVE-2012-4197
		https://bugzilla.mozilla.org/show_bug.cgi?id=802204

		CVE-2012-5475
		https://bugzilla.mozilla.org/show_bug.cgi?id=808845
		http://yuilibrary.com/support/20121030-vulnerability/
commit fdc64894ac247ac30705d466c0b1c7bb2bbd520f 1 parent 12e096a
ohauer authored
2  devel/bugzilla/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 4.0.8
+PORTVERSION= 4.0.9
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
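Review bot: The commit title names 3.6.11, 4.0.8, 4.2.4 as the target versions, but this hunk moves devel/bugzilla from PORTVERSION 4.0.8 to 4.0.9; the title appears to cite the advisory versions rather than the PORTVERSIONs actually committed. Please state the versions that land, e.g. `bugzilla security updates to 3.6.12, 4.0.9, 4.2.4`, so the log line agrees with the `<lt>` bounds in the vuxml entry. One thing to check outside the seven visible lines: if this Makefile carries a PORTREVISION, it must be dropped in the same commit as the version bump.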
4 devel/bugzilla/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.0.8.tar.gz) = 0d44ab29863ffe6ef7637f078c31e52805f1b2ff0ff4f5c39a0d7daebe326b0c
-SIZE (bugzilla/bugzilla-4.0.8.tar.gz) = 2801982
+SHA256 (bugzilla/bugzilla-4.0.9.tar.gz) = af79b2f2b39f428e19122707d1334db5e447742ca6098f74803c35277117e394
+SIZE (bugzilla/bugzilla-4.0.9.tar.gz) = 2803607
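Review bot: SHA256 and SIZE are both regenerated for 4.0.9 and keep the `bugzilla/` DIST_SUBDIR prefix, which is what `make makesum` produces after the PORTVERSION bump. The point worth confirming before push is that the tarball behind this checksum was fetched from ${MASTER_SITE_MOZILLA} under `webtools`, not from a third-party mirror, since this SHA256 becomes the value every consumer of the port trusts from now on. No change to the hunk itself.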
2  devel/bugzilla3/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 3.6.11
+PORTVERSION= 3.6.12
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
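Review bot: PORTVERSION goes from 3.6.11 to 3.6.12 here, which matches the `<lt>3.6.12</lt>` bound the vuxml entry gives for the 3.6 branch; the commit title, however, still says 3.6.11, so it should be corrected to the version being committed. As with any version bump, verify that no PORTREVISION line remains further down in devel/bugzilla3/Makefile; none is visible in this hunk's context.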
4 devel/bugzilla3/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-3.6.11.tar.gz) = 01b99ec5b1e6efc9d0a0352ebe2ea6e8b8c7471a3f4dd80c3b99b5be575c4585
-SIZE (bugzilla/bugzilla-3.6.11.tar.gz) = 2509551
+SHA256 (bugzilla/bugzilla-3.6.12.tar.gz) = 1b3ebd08545b0093cd64a6f2e6c1310c7e85e691c83bd79c10960329f1bdca77
+SIZE (bugzilla/bugzilla-3.6.12.tar.gz) = 2509580
2  devel/bugzilla42/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 4.2.3
+PORTVERSION= 4.2.4
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
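Review bot: 4.2.3 to 4.2.4 is the one bump that already agrees with the commit title, and it matches `<lt>4.2.4</lt>` in the vuxml ranges, so nothing to fix in the hunk. Minor observation from the context lines: all three ports share PORTNAME=bugzilla and the subdir list `webtools webtools/archived`; the `archived` fallback presumably exists because upstream relocates superseded tarballs there, so it should stay in place even though the new distfiles will be found under `webtools` today.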
4 devel/bugzilla42/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.2.3.tar.gz) = 712d645c5b2b081e42b2a364c26edf8a8a0048f463a426ac38cc482d31b11fb3
-SIZE (bugzilla/bugzilla-4.2.3.tar.gz) = 2977764
+SHA256 (bugzilla/bugzilla-4.2.4.tar.gz) = bede0cf893ad8ac99715614af0cf4624bc0e8552852f51290f546006105ce695
+SIZE (bugzilla/bugzilla-4.2.4.tar.gz) = 2976363
57 security/vuxml/vuln.xml
@@ -51,6 +51,63 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="2b841f88-2e8d-11e2-ad21-20cf30e32f6d">
+ <topic>bugzilla -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>bugzilla</name>
+ <range><ge>3.6.0</ge><lt>3.6.12</lt></range>
+ <range><ge>4.0.0</ge><lt>4.0.9</lt></range>
+ <range><ge>4.2.0</ge><lt>4.2.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>A Bugzilla Security Advisory reports:</h1>
+ <blockquote cite="http://www.bugzilla.org/security/3.6.11/">
+ <p>The following security issues have been discovered in
+ Bugzilla:</p>
+ <h1>Information Leak</h1>
+ <p>If the visibility of a custom field is controlled by a product
+ or a component of a product you cannot see, their names are
+ disclosed in the JavaScript code generated for this custom field
+ despite they should remain confidential.</p>
+ <p>Calling the User.get method with a 'groups' argument leaks the
+ existence of the groups depending on whether an error is thrown
+ or not. This method now also throws an error if the user calling
+ this method does not belong to these groups (independently of
+ whether the groups exist or not).</p>
+ <p>Trying to mark an attachment in a bug you cannot see as obsolete
+ discloses its description in the error message. The description
+ of the attachment is now removed from the error message.</p>
+ <h1>Cross-Site Scripting</h1>
+ <p>Due to incorrectly filtered field values in tabular reports,
+ it is possible to inject code leading to XSS.</p>
+ <p>A vulnerability in swfstore.swf from YUI2 allows JavaScript
+ injection exploits to be created against domains that host this
+ affected YUI .swf file.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-4199</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=731178</url>
+ <cvename>CVE-2012-4198</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=781850</url>
+ <cvename>CVE-2012-4197</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=802204</url>
+ <cvename>CVE-2012-4189</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=790296</url>
+ <cvename>CVE-2012-5475</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=808845</url>
+ <url>http://yuilibrary.com/support/20121030-vulnerability/</url>
+ </references>
+ <dates>
+ <discovery>2012-11-13</discovery>
+ <entry>2012-11-14</entry>
+ </dates>
+ </vuln>
+
<vuln vid="79818ef9-2d10-11e2-9160-00262d5ed8ee">
<topic>typo3 -- Multiple vulnerabilities in TYPO3 Core</topic>
<affects>
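Review bot: The three `<range>` elements all carry a lower bound (`<ge>3.6.0</ge>`, `<ge>4.0.0</ge>`, `<ge>4.2.0</ge>`), so an installed bugzilla package older than 3.6.0 is not matched by this entry even though nothing in the quoted advisory text says earlier branches are unaffected; unless that floor is deliberate, `<range><lt>3.6.12</lt></range>` for the oldest branch is the safer choice. The single `<name>bugzilla</name>` is correct, since all three ports set PORTNAME=bugzilla. Two smaller points: `<references>` lists CVE-2012-4197 before CVE-2012-4189 while the commit message uses the opposite order (harmless, but easier to cross-check if they agree), and the blockquote keeps upstream's wording verbatim, including `despite they should remain confidential`, which is the right practice for quoted advisory text, so leave it as is.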