notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)All times are UTC		 Ukraine
non port: devel/bugzilla40/distinfo

Number of commits found: 4

Sunday, 20 Apr 2014
17:26 ohauer search for other commits by this committer 
- update bugzilla to 4.4.4, 4.2.9, 4.0.13
- minor Makefile cleanup

This release fixes one regression introduced in Bugzilla by
security bug 968576: URLs in bug comments are displayed
correctly again. (Bug 998323)

Release Notes & Changes
=======================
Before installing or upgrading, you should read the Release Notes for
the new version of Bugzilla:

  4.4.4:  http://www.bugzilla.org/releases/4.4.4/release-notes.html
  4.2.9:  http://www.bugzilla.org/releases/4.2.9/release-notes.html
  4.0.13: http://www.bugzilla.org/releases/4.0.13/release-notes.html

MFH:		2014Q2
Original commitRevision:351626 
Friday, 18 Apr 2014
18:52 ohauer search for other commits by this committer 
- distfiles where regenerated (wrong dependency list in the documentation)
- because there will no upstream fixes for CVE-2014-1517 mark bugzilla40 /
  bugzilla42 forbidden and set expiration date to 2014-06-21
- fix the GRAPHVIZ OPTION
- bump PORTREVISION

MFH:		2014Q2
Original commitRevision:351557 
15:03 ohauer search for other commits by this committer 
- update to 4.0.12, 4.2.8, 4.4.3
- move BINMODE to Makefile.common so it is also used in the language packs

Security:	CVE-2014-1517
Security:	608ed765-c700-11e3-848c-20cf30e32f6d
Security:	60bfa396-c702-11e3-848c-20cf30e32f6d
Original commitRevision:351542 
Thursday, 17 Oct 2013
19:35 ohauer search for other commits by this committer 
- update to latest release [1]
- use PKGNAMESUFFIX instead LATEST_LINK
- whitespace cleanup
- svn mv */bugzilla to */bugzilla40
- add vuxml entry

4.4.1, 4.2.7, and 4.0.11 Security Advisory
Wednesday Oct 16th, 2013

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issues have been discovered
in Bugzilla:

* A CSRF vulnerability in process_bug.cgi affecting Bugzilla 4.4 only
  can lead to a bug being edited without the user consent.

* A CSRF vulnerability in attachment.cgi can lead to an attachment
  being edited without the user consent.

* Several unfiltered parameters when editing flagtypes can lead to XSS.

* Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
  field values in tabular reports can lead to XSS.

All affected installations are encouraged to upgrade as soon as
possible.

[1]  even bugzilla40 gets upstream fixes an upgrade to bugzilla42/44 is
recommend

Security:	vid e135f0c9-375f-11e3-80b7-20cf30e32f6d
		CVE-2013-1733
		CVE-2013-1734
		CVE-2013-1742
		CVE-2013-1743
Original commitRevision:330666 

Number of commits found: 4
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
electron25Dec 07
varnish6Dec 02
varnish7Dec 02
electron25Dec 01
electron26Dec 01
gitlab-ceDec 01
chromiumNov 29
ungoogled-chromiumNov 29
mariadb1011-serverNov 26
mariadb105-serverNov 26
mariadb106-serverNov 26
strongswanNov 24
electron25Nov 22
electron26Nov 22
chromiumNov 16

8 vulnerabilities affecting 97 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2023-12-10 17:12:44 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 32011
Broken 51
Deprecated 241
Ignore 213
Forbidden 1
Restricted 2
No CDROM 1
Vulnerable 50
Expired 7
Set to expire 216
Interactive 0
new 24 hours 1
new 48 hours5
new 7 days25
new fortnight183
new month250
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2023 Dan Langille. All rights reserved.