FEDORA-2014-16609 — security update for mantis

stable

mantis-1.2.18-1.fc21

FEDORA-2014-16609 created by giallu 10 years ago for Fedora 21

Security fix for CVE-2014-9280, CVE-2014-9279, CVE-2014-6316, CVE-2014-9117, CVE-2014-9089

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2014-16609

This update has been submitted for testing by giallu.

10 years ago

taskotron commented 10 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/19494/steps/runtask/logs/stdio (results are informative only)

taskotron commented 10 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/19494/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

10 years ago

This update has been pushed to testing

10 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

10 years ago

This update has been submitted for stable by giallu.

10 years ago

taskotron commented 10 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22319/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

10 years ago

This update has been pushed to stable

10 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Dates

submitted

10 years ago

in testing

10 years ago

in stable

10 years ago

Builds

mantis-1.2.18-1.fc21

BZ#1164620 CVE-2014-8986 mantis: cross-site scripting (XSS) issues to be fixed in the upcoming 1.2.18 release

BZ#1164621 mantis: cross-site scripting (XSS) issues to be fixed in the upcoming 1.2.18 release [fedora-all]

BZ#1164631 CVE-2014-8988 mantis: information disclosure issue to be fixed in the upcoming 1.2.18 release

BZ#1164632 mantis: information disclosure issue to be fixed in the upcoming 1.2.18 release [fedora-all]

BZ#1165152 CVE-2014-8987 mantis: XSS on Configuration Report page

BZ#1165153 mantis: XSS on Configuration Report page [fedora-all]

BZ#1168161 CVE-2014-9089 mantis: SQL injection in view_all_set.php

BZ#1168163 CVE-2014-9089 mantis: SQL injection in view_all_set.php [fedora-all]

BZ#1168618 CVE-2014-9117 mantis: CAPTCHA bypass in registration form

BZ#1168621 CVE-2014-9117 mantis: CAPTCHA bypass in registration form [fedora-all]

BZ#1169162 mantis: PHP object injection in filter API

BZ#1169163 mantis: various flaws [fedora-all]

BZ#1169194 mantis: database credentials leak

BZ#1170180 CVE-2014-9269 mantis: XSS in extended project browser

BZ#1170182 mantis: XSS in extended project browser [fedora-all]

BZ#1170188 CVE-2014-9270 mantis: XSS in projax_api.php

BZ#1170189 mantis: XSS in projax_api.php [fedora-all]

BZ#1170192 CVE-2014-9281 mantis: XSS in admin panel / copy_field.php

BZ#1170193 CVE-2014-9272 mantis: XSS in string_insert_hrefs()

BZ#1170194 mantis: XSS in admin panel / copy_field.php [fedora-all]

BZ#1170196 mantis: XSS in string_insert_hrefs() [fedora-all]

BZ#1170542 CVE-2014-6316 mantis: URL redirection issue

BZ#1170543 CVE-2014-6316 mantis: URL redirection issue [fedora-all]

BZ#1171709 CVE-2014-9280 mantis: PHP Object Injection in filter API

BZ#1171713 CVE-2014-9279 mantis: database credentials disclosure in MantisBT's unattended upgrade script

BZ#1171714 CVE-2014-9279 CVE-2014-9280 mantis: various flaws [fedora-all]

mantis-1.2.18-1.fc21

Automated Test Results

None