The following builds have been pushed to Fedora 9 updates-testing bugzilla-3.2.2-2.fc9 Details about builds: ================================================================================ bugzilla-3.2.2-2.fc9 (FEDORA-2009-2418) Bug tracking system -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 5 2009 Itamar Reis Peixoto <itamar@xxxxxxxxxxxxxxxx> 3.2.2-2 - fix from BZ #474250 Comment #16, from Chris Eveleigh --> - add python BR for contrib subpackage - fix description - change Requires perl-SOAP-Lite to perl(SOAP::Lite) according guidelines * Sun Mar 1 2009 Itamar Reis Peixoto <itamar@xxxxxxxxxxxxxxxx> 3.2.2-1 - thanks to Chris Eveleigh <chris dot eveleigh at planningportal dot gov dot uk> - for contributing with patches :-) - Upgrade to upstream 3.2.2 to fix multiple security vulns - Removed old perl_requires exclusions, added new ones for RADIUS, Oracle and sanitycheck.cgi - Added Oracle to supported DBs in description (and moved line breaks) - Include a patch to fix max_allowed_packet warnin when using with mysql * Sat Feb 28 2009 Itamar Reis Peixoto <itamar@xxxxxxxxxxxxxxxx> 3.0.8-1 - Upgrade to 3.0.8, fix #466077 #438080 - fix macro in changelog rpmlint warning - fix files-attr-not-set rpmlint warning for doc and contrib sub-packages * Mon Feb 23 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Mon Feb 2 2009 Stepan Kasal <skasal@xxxxxxxxxx> - 3.0.4-3 - do not require perl-Email-Simple, it is (no longer) in use - remove several explicit perl-* requires; the automatic dependencies do handle them * Mon Jul 14 2008 Tom "spot" Callaway <tcallawa@xxxxxxxxxx> - 3.0.4-2 - fix license tag -------------------------------------------------------------------------------- References: [ 1 ] Bug #465956 - CVE-2008-4437 bugzilla directory traversal flaw https://bugzilla.redhat.com/show_bug.cgi?id=465956 [ 2 ] Bug #484755 - CVE-2008-6098 bugzilla: quip moderation bypass for authenticated users https://bugzilla.redhat.com/show_bug.cgi?id=484755 [ 3 ] Bug #484805 - CVE-2009-0481 bugzilla: XSS vulnerability via HTML and JavaScript attachments https://bugzilla.redhat.com/show_bug.cgi?id=484805 [ 4 ] Bug #484807 - CVE-2009-0483 bugzilla: CSRF vuln via editkeywords.cgi and userprefs.cgi https://bugzilla.redhat.com/show_bug.cgi?id=484807 [ 5 ] Bug #484811 - CVE-2009-0484 bugzilla: CSRF vuln via buglist.cgi https://bugzilla.redhat.com/show_bug.cgi?id=484811 [ 6 ] Bug #484812 - CVE-2009-0485 bugzilla: CSRF vuln via editflagtypes.cgi https://bugzilla.redhat.com/show_bug.cgi?id=484812 [ 7 ] Bug #484813 - CVE-2009-0486 bugzilla: CSRF protection bypass when running under mod_perl https://bugzilla.redhat.com/show_bug.cgi?id=484813 [ 8 ] Bug #484806 - CVE-2009-0482 bugzilla: CSRF vuln via process_bug.cgi https://bugzilla.redhat.com/show_bug.cgi?id=484806 -------------------------------------------------------------------------------- -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list