[Webapps-common-packages] Security update for bugzilla
Florian Weimer
fw at deneb.enyo.de
Fri Apr 10 14:24:28 UTC 2009
Hi,
there are currently several open issues in bugzilla:
<http://security-tracker.debian.net/tracker/source-package/bugzilla>
Of these, we should really fix CVE-2008-4437 for etch:
<https://bugzilla.mozilla.org/show_bug.cgi?id=437169>
There are reports that this being actively exploited. I'm not sure if
it's possible to backport the XSS/CSRF fixes to oldstable.
So could you please provide a proposal for a security update for
stable and oldstable?
Florian
More information about the Webapps-common-packages
mailing list