stable

bugzilla-4.4.12-1.fc23

FEDORA-2016-6cdcddef2c created by eseyman 9 years ago for Fedora 23

The bugzilla devs discovered that a specially crafted bug summary could trigger XSS in dependency graphs (CVE-2016-2803). This release fixes the issue.

A bug in Bugzilla caused it to send improperly formatted email addresses. This update contains the fix to this problem.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-6cdcddef2c

This update has been submitted for testing by eseyman.

9 years ago

This update has obsoleted bugzilla-4.4.11-2.fc23, and has inherited its bugs and notes.

9 years ago

This update has been pushed to testing.

9 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

9 years ago

This update has been submitted for stable by eseyman.

9 years ago

This update has been pushed to stable.

9 years ago

Please log in to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
9 years ago
in testing
9 years ago
in stable
9 years ago
Builds
1
bugzilla-4.4.12-1.fc23
BZ#1305061 perl-Encode-2.80 breaks sending email by bugzilla
0
0
BZ#1336671 CVE-2016-2803 bugzilla: Cross-site-scripting in dependency graphs
0
0
BZ#1336672 CVE-2016-2803 bugzilla: Cross-site-scripting in dependency graphs [fedora-all]
0
0
bugzilla-4.4.12-1.fc23

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-181-fmvfh.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy