The bugzilla devs discovered that a specially crafted bug summary could trigger XSS in dependency graphs (CVE-2016-2803). This release fixes the issue.
A bug in Bugzilla caused it to send improperly formatted email addresses. This update contains the fix to this problem.
sudo dnf upgrade --advisory=FEDORA-2016-6cdcddef2c
Please login to add feedback.