Important Security Issue Fixed On Trunk

Max Kanat-Alexander mkanat at bugzilla.org
Thu Jun 24 00:45:24 UTC 2010


	Hey folks. This is an informal security advisory for trunk (3.7). A
security issue related to bug groups was introduced in revision 7205,
and was just fixed in revision 7239. There was never a released version
of Bugzilla that had this security issue, but it is critical enough that
I wanted to warn any installation that's running trunk (3.7), because it
would result in bugs getting created without mandatory groups if they
were created via the WebService or email_in. The bug was this one:

	https://bugzilla.mozilla.org/show_bug.cgi?id=572602

	If you are running 3.7, you should update to the latest 3.7 code
immediately.

	-Max
-- 
http://www.everythingsolved.com/
Competent, Friendly Bugzilla and Perl Services. Everything Else, too.



More information about the developers mailing list