——————————————————————————–
Fedora Update Notification
FEDORA-2015-caf3f74321
2016-01-07 23:40:26.815681
——————————————————————————–
Name : bugzilla
Product : Fedora 22
Version : 4.4.11
Release : 1.fc22
URL : http://www.bugzilla.org/
Summary : Bug tracking system
Description :
Bugzilla is a popular bug tracking system used by multiple open source projects
It requires a database engine installed – either MySQL, PostgreSQL or Oracle.
Without one of these database engines (local or remote), Bugzilla will not work
– see the Release Notes for details.
——————————————————————————–
Update Information:
The following security issues have been discovered in Bugzilla: * Unfiltered
HTML injected into a dependency graph could be used to create a cross-site
scripting attack. * Some web browsers incorrectly parse CSV files as valid
JavaScript code which could lead to data leak. This updates fixes these flaws.
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update bugzilla’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2015-247b517a18
2016-01-07 16:45:29.330088
——————————————————————————–
Name : bugzilla
Product : Fedora 23
Version : 4.4.11
Release : 1.fc23
URL : http://www.bugzilla.org/
Summary : Bug tracking system
Description :
Bugzilla is a popular bug tracking system used by multiple open source projects
It requires a database engine installed – either MySQL, PostgreSQL or Oracle.
Without one of these database engines (local or remote), Bugzilla will not work
– see the Release Notes for details.
——————————————————————————–
Update Information:
The following security issues have been discovered in Bugzilla: * Unfiltered
HTML injected into a dependency graph could be used to create a cross-site
scripting attack. * Some web browsers incorrectly parse CSV files as valid
JavaScript code which could lead to data leak. This updates fixes these flaws.
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update bugzilla’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce