[Webapps-common-discuss] [commit] r100 - packages/bugzilla/trunk/debian

Alexis Sukrieh sukria at alioth.debian.org
Sat Nov 4 01:11:18 CET 2006


Author: sukria
Date: 2006-11-04 01:11:18 +0100 (Sat, 04 Nov 2006)
New Revision: 100

Modified:
   packages/bugzilla/trunk/debian/changelog
   packages/bugzilla/trunk/debian/control
Log:
Changelog entry, dependency on libmailtools-perl >= 1.67 


Modified: packages/bugzilla/trunk/debian/changelog
===================================================================
--- packages/bugzilla/trunk/debian/changelog	2006-11-03 23:39:12 UTC (rev 99)
+++ packages/bugzilla/trunk/debian/changelog	2006-11-04 00:11:18 UTC (rev 100)
@@ -1,3 +1,20 @@
+bugzilla (2.22.1-1) unstable; urgency=high
+
+  * New upstream release (2.22.1) fixes several security issues (hence the
+    high priority)
+    + CVE-2006-5455:
+      Cross-site request forgery (CSRF) vulnerability in `editversions.cgi'.
+    + CVE-2006-5454:
+      Previous versions allow remote attackers to obtain the description
+      of arbitrary attachments.
+    + CVE-2006-5453:
+      Multiple cross-site scripting (XSS) vulnerabilities.
+    (bug #395094 now affects only sarge)
+  * Depends on libtemplate-perl (>= 2.10)
+  * Depends on libmailtools-perl (>= 1.67)
+
+ -- Alexis Sukrieh <sukria at debian.org>  Sat,  4 Nov 2006 01:10:20 +0100
+
 bugzilla (2.22-7) unstable; urgency=low
 
   * The package is now maintained by the Debian Webapps Team.

Modified: packages/bugzilla/trunk/debian/control
===================================================================
--- packages/bugzilla/trunk/debian/control	2006-11-03 23:39:12 UTC (rev 99)
+++ packages/bugzilla/trunk/debian/control	2006-11-04 00:11:18 UTC (rev 100)
@@ -11,7 +11,7 @@
 Architecture: all
 Depends: debconf (>= 0.9.95) | debconf-2.0, 
          libtemplate-perl (>= 2.10), libappconfig-perl, libdbd-mysql-perl, 
-         libtimedate-perl, libmailtools-perl (>= 1.6.7), libmime-perl,
+         libtimedate-perl, libmailtools-perl (>= 1.67), libmime-perl,
          apache | apache2 | apache-perl | apache-ssl | httpd, 
          sendmail | postfix | exim4 | mail-transport-agent, 
          ucf (>= 0.08), patch, dbconfig-common (>= 1.8.27)




More information about the Webapps-common-discuss mailing list