-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 15 Nov 2010 10:09:20 +0100 Source: bugzilla Binary: bugzilla3 bugzilla3-doc Architecture: source all Version: 3.6.3.0-1 Distribution: unstable Urgency: medium Maintainer: Raphael Bossek <bossekr@debian.org> Changed-By: Raphael Bossek <bossekr@debian.org> Description: bugzilla3 - web-based bug tracking system bugzilla3-doc - comprehensive guide to Bugzilla Closes: 602420 Changes: bugzilla (3.6.3.0-1) unstable; urgency=medium . * New upstream release. Closes: #602420 * Fixed vulnerability CVE-2010-3172: By inserting a certain string into a URL, it was possible to inject both headers and content to any browser that supported "Server Push" (mostly only Gecko-based browsers like Firefox). This could lead to Cross-Site Scripting vulnerabilities, and possibly other more dangerous security issues as well. * Fixed vulnerability CVE-2010-3764: The Old Charts system generated graphs with predictable names into the "graphs/" directory, which also could be browsed to see its contents. This allowed unauthorized users to see product names and charted information about those products over time. * Fixed references to YUI components used by language templates. * Fixed missing images. * Surrpress error messages at installation stage. Checksums-Sha1: d77d70e1ec20b7ac80eabf26d4bf133ced458fba 1162 bugzilla_3.6.3.0-1.dsc 0b4fa7cff9dd5ce5aaf644bf73c4bd2946e79dd1 4438817 bugzilla_3.6.3.0.orig.tar.gz 3856d2b2a7e63979adce26453caece156b9ec8d0 99404 bugzilla_3.6.3.0-1.debian.tar.gz 2db2cfe7e85e0885c3f9affd41738a14524520ff 3043686 bugzilla3_3.6.3.0-1_all.deb 481a345d3ae43971148f35d7dcd8fea6b294d853 1418858 bugzilla3-doc_3.6.3.0-1_all.deb Checksums-Sha256: d7f068cc9dceba80d42a71c13ef6de8414678aa690c1055d5a07c3908c5dbd62 1162 bugzilla_3.6.3.0-1.dsc 85bf47de333b51e08223ac4a09529abd11e4a649c06ab9a10b5b02edc60817c4 4438817 bugzilla_3.6.3.0.orig.tar.gz b3b921a2c05c3393fc5a766262c89dc206754429dd1e0d6a24e5f5d3cc269e56 99404 bugzilla_3.6.3.0-1.debian.tar.gz d796eb7086de85ae42a20898c4799d376cc86dc4bffe27d5a9b6164114c9330e 3043686 bugzilla3_3.6.3.0-1_all.deb cb75ad3bd91333590fcda13e9e09cfc4ae0b8ba0145bbaca1b80d0e92434700a 1418858 bugzilla3-doc_3.6.3.0-1_all.deb Files: bf631a0414a165adc549bce46b96cd39 1162 web optional bugzilla_3.6.3.0-1.dsc f40946783c7ba2eeef36f1e3ab6c67ae 4438817 web optional bugzilla_3.6.3.0.orig.tar.gz 47b5112962d0cc5ce1246946d0ad395b 99404 web optional bugzilla_3.6.3.0-1.debian.tar.gz 580d2c90c93cfbbf3ed1881cd1ab4f0f 3043686 web optional bugzilla3_3.6.3.0-1_all.deb 7e1905f851cb72a2a7a95680f103d068 1418858 doc optional bugzilla3-doc_3.6.3.0-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFM4PnaN2lBq4Nesv8RAgy6AKCL7ViHGRKX11c8s2J8T+xqLrLTsQCeJuJr /szVc938tepPiMoDOdC3s2I= =FmTk -----END PGP SIGNATURE----- Accepted: bugzilla3-doc_3.6.3.0-1_all.deb to main/b/bugzilla/bugzilla3-doc_3.6.3.0-1_all.deb bugzilla3_3.6.3.0-1_all.deb to main/b/bugzilla/bugzilla3_3.6.3.0-1_all.deb bugzilla_3.6.3.0-1.debian.tar.gz to main/b/bugzilla/bugzilla_3.6.3.0-1.debian.tar.gz bugzilla_3.6.3.0-1.dsc to main/b/bugzilla/bugzilla_3.6.3.0-1.dsc bugzilla_3.6.3.0.orig.tar.gz to main/b/bugzilla/bugzilla_3.6.3.0.orig.tar.gz
