Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: Update to rt 3.6.9 https://bugzilla.redhat.com/show_bug.cgi?id=526872 Summary: Update to rt 3.6.9 Product: Fedora EPEL Version: el5 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: low Component: rt3 AssignedTo: xavier@xxxxxxxxxxxx ReportedBy: xavier@xxxxxxxxxxxx QAContact: extras-qa@xxxxxxxxxxxxxxxxx CC: xavier@xxxxxxxxxxxx, rc040203@xxxxxxxxxx, fedora-perl-devel-list@xxxxxxxxxx, mmahut@xxxxxxxxxx Classification: Fedora Description of problem: All versions of RT from 3.4.6 to 3.8.4 are vulnerable to an escaping bug in the display of Custom Fields that could allow injection of javascript into the RT UI. http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl Fedora-perl-devel-list mailing list Fedora-perl-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-perl-devel-list
