Now
pkgsrc-2008Q1 commitmail json YAML
pkgsrc/devel/bugzilla/Makefile@1.28.2.1
/
diff
pkgsrc/devel/bugzilla/PLIST@1.13.6.1 / diff
pkgsrc/devel/bugzilla/distinfo@1.14.6.1 / diff
pkgsrc/devel/bugzilla/PLIST@1.13.6.1 / diff
pkgsrc/devel/bugzilla/distinfo@1.14.6.1 / diff
pullup ticket #2380 - requested by adrianp
bugzilla: update for cross-site scripting vulnerability
revisions pulled up:
- pkgsrc/devel/bugzilla/Makefile
- pkgsrc/devel/bugzilla/PLIST
- pkgsrc/devel/bugzilla/distinfo
Module Name: pkgsrc
Committed By: adrianp
Date: Tue May 6 19:36:39 UTC 2008
Modified Files:
pkgsrc/devel/bugzilla: Makefile PLIST distinfo
Log Message:
2.22.4
Class: Cross-Site Scripting
Versions: 2.17.2 and higher
Description: When using the "Format for Printing" view of a bug (or
the "Long Format" of a bug list, which is the same thing),
there was a cross-site scripting hole--arbitrary text
from a particular URL parameter could be injected into the
page without filtering.
bugzilla: update for cross-site scripting vulnerability
revisions pulled up:
- pkgsrc/devel/bugzilla/Makefile
- pkgsrc/devel/bugzilla/PLIST
- pkgsrc/devel/bugzilla/distinfo
Module Name: pkgsrc
Committed By: adrianp
Date: Tue May 6 19:36:39 UTC 2008
Modified Files:
pkgsrc/devel/bugzilla: Makefile PLIST distinfo
Log Message:
2.22.4
Class: Cross-Site Scripting
Versions: 2.17.2 and higher
Description: When using the "Format for Printing" view of a bug (or
the "Long Format" of a bug list, which is the same thing),
there was a cross-site scripting hole--arbitrary text
from a particular URL parameter could be injected into the
page without filtering.