author: Beat Gaetzi <beat@FreeBSD.org> 2012-11-15 08:50:06 +0000
committer: Beat Gaetzi <beat@FreeBSD.org> 2012-11-15 08:50:06 +0000
commit: ea3f20d4f3f182df18c54d54296b55e3ba14243d (patch)
tree: 5cb56d040e587a489644e30bb52e93863b64c947
parent: 05bca45e701c42de74386e0e3c40898a0f66c207 (diff)
download: ports-ea3f20d4f3f182df18c54d54296b55e3ba14243d.tar.gz, ports-ea3f20d4f3f182df18c54d54296b55e3ba14243d.zip
MFH 307425 by ohauer:

- bugzilla security updates to version(s) 3.6.11, 4.0.8, 4.2.4

  Summary
  =======

  The following security issues have been discovered in Bugzilla:

  * Confidential product and component names can be disclosed to unauthorized users if they are used to control the visibility of a custom field.
  * When calling the 'User.get' WebService method with a 'groups' argument, it is possible to check if the given group names exist or not.
  * Due to incorrectly filtered field values in tabular reports, it is possible to inject code which can lead to XSS.
  * When trying to mark an attachment in a bug you cannot see as obsolete, the description of the attachment is disclosed in the error message.
  * A vulnerability in swfstore.swf from YUI2 can lead to XSS.

  Feature safe: yes

  Security: CVE-2012-4199 https://bugzilla.mozilla.org/show_bug.cgi?id=731178
            CVE-2012-4198 https://bugzilla.mozilla.org/show_bug.cgi?id=781850
            CVE-2012-4189 https://bugzilla.mozilla.org/show_bug.cgi?id=790296
            CVE-2012-4197 https://bugzilla.mozilla.org/show_bug.cgi?id=802204
            CVE-2012-5475 https://bugzilla.mozilla.org/show_bug.cgi?id=808845
            http://yuilibrary.com/support/20121030-vulnerability/

MFH 307429 by ohauer:

- adjust required PgSQL module for bugzilla42

  From Release Notes: PostgreSQL 9.2 requires DBD::Pg 2.19.3. (Bug 799721)

  No revision bump, p5-DBD-Pg-2.19.3
  a) not on by default
  b) in the tree since a few months

- add deprecation message to bugzilla3

  From the announcement: Note that when Bugzilla 4.4 is released, the Bugzilla 3.6.x series will reach end of life. If you are using that series, we encourage you to upgrade to 4.2.4 now.
  http://groups.google.com/group/mozilla.support.bugzilla/browse_thread/thread/d8dcc99be0f89421

MFH 307430 by ohauer:

- fix german bugzilla templates (security fixes)
Notes: svn path=/branches/RELENG_9_1_0/; revision=307442
-rw-r--r--  devel/bugzilla/Makefile                     |   2
-rw-r--r--  devel/bugzilla/distinfo                     |   4
-rw-r--r--  devel/bugzilla3/Makefile                    |   5
-rw-r--r--  devel/bugzilla3/distinfo                    |   4
-rw-r--r--  devel/bugzilla42/Makefile                   |   4
-rw-r--r--  devel/bugzilla42/distinfo                   |   4
-rw-r--r--  german/bugzilla/Makefile                    |   9
-rw-r--r--  german/bugzilla/files/patch-4.0.8_4.0.9     |  55
-rw-r--r--  german/bugzilla3/Makefile                   |   9
-rw-r--r--  german/bugzilla3/files/patch-3.6.11_3.6.12  |  44
-rw-r--r--  german/bugzilla42/Makefile                  |  10
-rw-r--r--  german/bugzilla42/files/patch-4.2.3_4.2.4   | 117
-rw-r--r--  security/vuxml/vuln.xml                     |  57
13 files changed, 301 insertions, 23 deletions
diff --git a/devel/bugzilla/Makefile b/devel/bugzilla/Makefile
index 8ba49f1d3095..509e5c40579c 100644
--- a/devel/bugzilla/Makefile
+++ b/devel/bugzilla/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 4.0.8
+PORTVERSION= 4.0.9
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
diff --git a/devel/bugzilla/distinfo b/devel/bugzilla/distinfo
index 7a9b873bcfba..1de7f3984149 100644
--- a/devel/bugzilla/distinfo
+++ b/devel/bugzilla/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.0.8.tar.gz) = 0d44ab29863ffe6ef7637f078c31e52805f1b2ff0ff4f5c39a0d7daebe326b0c
-SIZE (bugzilla/bugzilla-4.0.8.tar.gz) = 2801982
+SHA256 (bugzilla/bugzilla-4.0.9.tar.gz) = af79b2f2b39f428e19122707d1334db5e447742ca6098f74803c35277117e394
+SIZE (bugzilla/bugzilla-4.0.9.tar.gz) = 2803607
diff --git a/devel/bugzilla3/Makefile b/devel/bugzilla3/Makefile
index 58e8b4fccea9..62cb7bad09a7 100644
--- a/devel/bugzilla3/Makefile
+++ b/devel/bugzilla3/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 3.6.11
+PORTVERSION= 3.6.12
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
@@ -28,6 +28,9 @@ USE_PERL5= yes
BINMODE= 700
+DEPRECATED= Note that when Bugzilla 4.4 is released, the Bugzilla 3.6.x \
+ series will reach end of life
+
SUB_FILES= pkg-message
DATA_DIRS_LIST= images js skins
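Review bot: DEPRECATED is set without an EXPIRATION_DATE, so the port only emits a build-time warning and is never scheduled for removal; that is defensible here because the end of life is tied to the Bugzilla 4.4 release rather than a calendar date, but the message would help users more if it also named the upgrade target (4.2.4) that the quoted announcement recommends, e.g. "... will reach end of life; upgrade to devel/bugzilla42".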
diff --git a/devel/bugzilla3/distinfo b/devel/bugzilla3/distinfo
index 1b8ee555c2af..ae276a77af25 100644
--- a/devel/bugzilla3/distinfo
+++ b/devel/bugzilla3/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-3.6.11.tar.gz) = 01b99ec5b1e6efc9d0a0352ebe2ea6e8b8c7471a3f4dd80c3b99b5be575c4585
-SIZE (bugzilla/bugzilla-3.6.11.tar.gz) = 2509551
+SHA256 (bugzilla/bugzilla-3.6.12.tar.gz) = 1b3ebd08545b0093cd64a6f2e6c1310c7e85e691c83bd79c10960329f1bdca77
+SIZE (bugzilla/bugzilla-3.6.12.tar.gz) = 2509580
diff --git a/devel/bugzilla42/Makefile b/devel/bugzilla42/Makefile
index 4e845b908f54..218c075e5168 100644
--- a/devel/bugzilla42/Makefile
+++ b/devel/bugzilla42/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= bugzilla
-PORTVERSION= 4.2.3
+PORTVERSION= 4.2.4
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_MOZILLA}
MASTER_SITE_SUBDIR= webtools webtools/archived
@@ -60,7 +60,7 @@ RUN_DEPENDS+= p5-DBD-mysql>=4.0001:${PORTSDIR}/databases/p5-DBD-mysql
.if ${PORT_OPTIONS:MPGSQL}
USE_PGSQL= yes
-RUN_DEPENDS+= p5-DBD-Pg>=1.45:${PORTSDIR}/databases/p5-DBD-Pg
+RUN_DEPENDS+= p5-DBD-Pg>=2.19.3:${PORTSDIR}/databases/p5-DBD-Pg
.endif
.if ${PORT_OPTIONS:MSQLITE}
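Review bot: the tightened `p5-DBD-Pg>=2.19.3` requirement lives inside the PGSQL option block, so default (non-PGSQL) installs are unaffected and the decision stated in the commit message to skip a PORTREVISION bump holds; the trade-off is that users who already built with PGSQL against an older DBD::Pg will only pick up the new minimum on their next rebuild, which is worth a line in pkg-message or UPDATING if PostgreSQL 9.2 support matters to them.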
diff --git a/devel/bugzilla42/distinfo b/devel/bugzilla42/distinfo
index 71380ba82091..0e3200562660 100644
--- a/devel/bugzilla42/distinfo
+++ b/devel/bugzilla42/distinfo
@@ -1,2 +1,2 @@
-SHA256 (bugzilla/bugzilla-4.2.3.tar.gz) = 712d645c5b2b081e42b2a364c26edf8a8a0048f463a426ac38cc482d31b11fb3
-SIZE (bugzilla/bugzilla-4.2.3.tar.gz) = 2977764
+SHA256 (bugzilla/bugzilla-4.2.4.tar.gz) = bede0cf893ad8ac99715614af0cf4624bc0e8552852f51290f546006105ce695
+SIZE (bugzilla/bugzilla-4.2.4.tar.gz) = 2976363
diff --git a/german/bugzilla/Makefile b/german/bugzilla/Makefile
index d995811bd3d2..151f080710e1 100644
--- a/german/bugzilla/Makefile
+++ b/german/bugzilla/Makefile
@@ -2,7 +2,7 @@
PORTNAME= bugzilla
PORTVERSION= 4.0.8
-#PORTREVISION= 1
+PORTREVISION= 1
CATEGORIES= german
MASTER_SITES= SF
MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION}
@@ -21,9 +21,10 @@ NO_WRKSUBDIR= yes
LANGDIR= ${WWWDIR}/template/de
-#post-patch:
-# ${REINPLACE_CMD} -i '' -e 's/4.0.7/4.0.8/' \
-# ${WRKDIR}/de/default/global/gzversion.html.tmpl
+post-patch:
+ @${REINPLACE_CMD} -i '' -e 's/4.0.8/4.0.9/' \
+ ${WRKDIR}/de/default/global/gzversion.html.tmpl
+ @${FIND} ${WRKDIR}/de/default/ -type f \( -name \*.orig -o -name \*.bak \) -delete
do-install:
@-${MKDIR} ${LANGDIR}
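Review bot: the dots in `'s/4.0.8/4.0.9/'` are unescaped regex metacharacters, so the pattern matches any `4?0?8` sequence; that is harmless in gzversion.html.tmpl, but `'s/4\.0\.8/4\.0\.9/'` states the intent exactly and the same applies to the bugzilla3 and bugzilla42 Makefiles in this commit. Widening the cleanup to `-name \*.orig -o -name \*.bak` under ${WRKDIR}/de/default/ is a good addition, since backup files left in the template tree would otherwise risk being installed alongside the templates by do-install.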
diff --git a/german/bugzilla/files/patch-4.0.8_4.0.9 b/german/bugzilla/files/patch-4.0.8_4.0.9
new file mode 100644
index 000000000000..ad9ba21aec96
--- /dev/null
+++ b/german/bugzilla/files/patch-4.0.8_4.0.9
@@ -0,0 +1,55 @@
+--- ./de/default/bug/create/create.html.tmpl.orig
++++ ./de/default/bug/create/create.html.tmpl
+@@ -252,7 +252,7 @@
+ <script type="text/javascript">
+ <!--
+ [%+ INCLUDE "bug/field-events.js.tmpl"
+- field = bug_fields.component %]
++ field = bug_fields.component product = product %]
+ //-->
+ </script>
+ </td>
+--- ./de/default/bug/field.html.tmpl.orig
++++ ./de/default/bug/field.html.tmpl
+@@ -156,7 +156,7 @@
+ <script type="text/javascript">
+ <!--
+ initHidingOptionsForIE('[% field.name FILTER js %]');
+- [%+ INCLUDE "bug/field-events.js.tmpl" field = field %]
++ [%+ INCLUDE "bug/field-events.js.tmpl" field = field product = bug.product_obj %]
+ //-->
+ </script>
+
+--- ./de/default/filterexceptions.pl.orig
++++ ./de/default/filterexceptions.pl
+@@ -224,7 +224,6 @@
+
+ 'global/confirm-user-match.html.tmpl' => [
+ 'script',
+- 'fields.${field_name}.flag_type.name',
+ ],
+
+ 'global/site-navigation.html.tmpl' => [
+--- ./de/default/global/code-error.html.tmpl.orig
++++ ./de/default/global/code-error.html.tmpl
+@@ -268,8 +268,7 @@
+ [%+ constants.bz_locations.localconfig FILTER html %].
+
+ [% ELSIF error == "mismatched_bug_ids_on_obsolete" %]
+- Anhang [% attach_id FILTER html %] (<em>[% description FILTER html %]</em>)
+- gehört zu [% terms.bug %] [%+ attach_bug_id FILTER html %],
++ Anhang [% attach_id FILTER html %] gehört zu [% terms.bug %],
+ daher ist es nicht möglich, ihn während der Anlage eines
+ Anhangs zu einem anderen [% terms.bug %] (in Ihrem
+ Fall [% terms.bug %] [%+ my_bug_id FILTER html %]) als obsolet zu markieren.
+--- ./de/default/global/confirm-user-match.html.tmpl.orig
++++ ./de/default/global/confirm-user-match.html.tmpl
+@@ -209,7 +209,7 @@
+ [% ELSIF field_labels.$field_name %]
+ [% field_labels.$field_name FILTER html %]
+ [% ELSIF field_name.match("^requestee") %]
+- [% fields.${field_name}.flag_type.name %] Anfrager
++ [% fields.${field_name}.flag_type.name FILTER html %] Anfrager
+ [% ELSE %]
+ [% field_name FILTER html %]
+ [% END %]
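Review bot: the removal of `'fields.${field_name}.flag_type.name'` from filterexceptions.pl and the added `FILTER html` on that same expression in confirm-user-match.html.tmpl are two halves of one fix and must land together: filterexceptions.pl is the allowlist that Bugzilla's template-filter test consults for directives that are intentionally left unescaped, so dropping the entry while leaving the template unfiltered would fail that test, and keeping the entry while filtering would silently hide a future regression. The remaining hunks map onto the advisory items quoted in the commit message: passing `product` into bug/field-events.js.tmpl addresses the confidential product/component name disclosure, and dropping `[% description FILTER html %]` and `attach_bug_id` from the mismatched_bug_ids_on_obsolete text addresses the attachment-description leak. Since this file was hand-ported to the de templates, it is worth diffing the upstream 4.0.8 and 4.0.9 en templates once more to confirm no other changed template was missed.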
diff --git a/german/bugzilla3/Makefile b/german/bugzilla3/Makefile
index 18556c8461f3..03e84d0e0c4c 100644
--- a/german/bugzilla3/Makefile
+++ b/german/bugzilla3/Makefile
@@ -2,7 +2,7 @@
PORTNAME= bugzilla
PORTVERSION= 3.6.11
-#PORTREVISION= 1
+PORTREVISION= 1
CATEGORIES= german
MASTER_SITES= SF
MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION}
@@ -21,9 +21,10 @@ NO_WRKSUBDIR= yes
LANGDIR= ${WWWDIR}/template/de
-#post-patch:
-# ${REINPLACE_CMD} -i '' -e 's/3.6.10/3.6.11/' \
-# ${WRKDIR}/de/default/global/gzversion.html.tmpl
+post-patch:
+ @${REINPLACE_CMD} -i '' -e 's/3.6.11/3.6.12/' \
+ ${WRKDIR}/de/default/global/gzversion.html.tmpl
+ @${FIND} ${WRKDIR}/de/default/ -type f \( -name \*.orig -o -name \*.bak \) -delete
do-install:
@-${MKDIR} ${LANGDIR}
diff --git a/german/bugzilla3/files/patch-3.6.11_3.6.12 b/german/bugzilla3/files/patch-3.6.11_3.6.12
new file mode 100644
index 000000000000..4205c901b4f1
--- /dev/null
+++ b/german/bugzilla3/files/patch-3.6.11_3.6.12
@@ -0,0 +1,44 @@
+--- ./de/default/bug/field.html.tmpl.orig 2012-11-14 20:59:42.000000000 +0100
++++ ./de/default/bug/field.html.tmpl 2012-11-14 21:00:52.000000000 +0100
+@@ -173,7 +173,7 @@
+ <script type="text/javascript">
+ <!--
+ initHidingOptionsForIE('[% field.name FILTER js %]');
+- [%+ INCLUDE "bug/field-events.js.tmpl" field = field %]
++ [%+ INCLUDE "bug/field-events.js.tmpl" field = field product = bug.product_obj %]
+ //-->
+ </script>
+
+--- ./de/default/filterexceptions.pl.orig 2012-11-14 20:59:42.000000000 +0100
++++ ./de/default/filterexceptions.pl 2012-11-14 21:01:14.000000000 +0100
+@@ -229,7 +229,6 @@
+
+ 'global/confirm-user-match.html.tmpl' => [
+ 'script',
+- 'fields.${field_name}.flag_type.name',
+ ],
+
+ 'global/site-navigation.html.tmpl' => [
+--- ./de/default/global/code-error.html.tmpl.orig 2012-11-14 20:59:42.000000000 +0100
++++ ./de/default/global/code-error.html.tmpl 2012-11-14 21:01:59.000000000 +0100
+@@ -278,8 +278,7 @@
+ [%+ constants.bz_locations.localconfig FILTER html %].
+
+ [% ELSIF error == "mismatched_bug_ids_on_obsolete" %]
+- Anhang [% attach_id FILTER html %] (<em>[% description FILTER html %]</em>)
+- gehört zu [% terms.bug %] [%+ attach_bug_id FILTER html %],
++ Anhang [% attach_id FILTER html %] gehört zu [% terms.bug %],
+ daher ist es nicht möglich, ihn während der Anlage eines
+ Anhangs zu einem anderen [% terms.bug %] (in Ihrem
+ Fall [% terms.bug %] [%+ my_bug_id FILTER html %]) als obsolet zu markieren.
+--- ./de/default/global/confirm-user-match.html.tmpl.orig 2012-11-14 20:59:42.000000000 +0100
++++ ./de/default/global/confirm-user-match.html.tmpl 2012-11-14 21:02:55.000000000 +0100
+@@ -204,7 +204,7 @@
+ [% ELSIF field_labels.$field_name %]
+ [% field_labels.$field_name FILTER html %]
+ [% ELSIF field_name.match("^requestee") %]
+- [% fields.${field_name}.flag_type.name %] Anfrager
++ [% fields.${field_name}.flag_type.name FILTER html %] Anfrager
+ [% ELSE %]
+ [% field_name FILTER html %]
+ [% END %]
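Review bot: these patch headers carry timestamps (`2012-11-14 20:59:42.000000000 +0100`) while the 4.0 and 4.2 counterparts in this commit do not; the content mirrors patch-4.0.8_4.0.9 hunk for hunk, so stripping the timestamps (or regenerating all three files the same way) keeps the ports consistent and avoids spurious noise when the patches are next refreshed.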
diff --git a/german/bugzilla42/Makefile b/german/bugzilla42/Makefile
index 6d95051dd539..2dd3efc6914d 100644
--- a/german/bugzilla42/Makefile
+++ b/german/bugzilla42/Makefile
@@ -2,7 +2,7 @@
PORTNAME= bugzilla
PORTVERSION= 4.2.3
-#PORTREVISION= 1
+PORTREVISION= 1
CATEGORIES= german
MASTER_SITES= SF
MASTER_SITE_SUBDIR=bugzilla-de/${PORTVERSION:R}/${PORTVERSION}
@@ -21,10 +21,10 @@ NO_WRKSUBDIR= yes
LANGDIR= ${WWWDIR}/template/de
-#post-patch:
-# @${REINPLACE_CMD} -i '' -e 's/4.2.2/4.2.3/' \
-# ${WRKDIR}/de/default/global/gzversion.html.tmpl
-# @${FIND} ${WRKDIR} -type f -name \*.orig -delete
+post-patch:
+ @${REINPLACE_CMD} -i '' -e 's/4.2.3/4.2.4/' \
+ ${WRKDIR}/de/default/global/gzversion.html.tmpl
+ @${FIND} ${WRKDIR}/de/default/ -type f \( -name \*.orig -o -name \*.bak \) -delete
do-install:
@-${MKDIR} ${LANGDIR}
diff --git a/german/bugzilla42/files/patch-4.2.3_4.2.4 b/german/bugzilla42/files/patch-4.2.3_4.2.4
new file mode 100644
index 000000000000..9f296697b565
--- /dev/null
+++ b/german/bugzilla42/files/patch-4.2.3_4.2.4
@@ -0,0 +1,117 @@
+--- ./de/default/bug/edit.html.tmpl.orig
++++ ./de/default/bug/edit.html.tmpl
+@@ -32,8 +32,8 @@
+
+ [% PROCESS bug/time.html.tmpl %]
+
+- <script type="text/javascript">
+- <!--
++<script type="text/javascript">
++<!--
+
+ /* Outputs a link to call replyToComment(); used to reduce HTML output */
+ function addReplyLink(id, real_id) {
+@@ -121,6 +121,7 @@
+
+ [% END %]
+
++[% IF user.id %]
+ /* Index all classifications so we can keep track of the classification
+ * for the selected product, which could control field visibility.
+ */
+@@ -130,8 +131,9 @@
+ [%- product.classification.name FILTER js %]';
+ [%- END %]
+
+- //-->
+- </script>
++[%- END %]
++//-->
++</script>
+
+ <form name="changeform" id="changeform" method="post" action="process_bug.cgi">
+
+--- ./de/default/filterexceptions.pl.orig
++++ ./de/default/filterexceptions.pl
+@@ -108,7 +108,6 @@
+ 'other_format.name',
+ 'sizeurl',
+ 'switchbase',
+- 'format',
+ 'cumulate',
+ ],
+
+@@ -214,7 +213,6 @@
+
+ 'global/confirm-user-match.html.tmpl' => [
+ 'script',
+- 'fields.${field_name}.flag_type.name',
+ ],
+
+ 'global/site-navigation.html.tmpl' => [
+--- ./de/default/global/code-error.html.tmpl.orig
++++ ./de/default/global/code-error.html.tmpl
+@@ -263,8 +263,7 @@
+ [%+ constants.bz_locations.localconfig FILTER html %].
+
+ [% ELSIF error == "mismatched_bug_ids_on_obsolete" %]
+- Anhang [% attach_id FILTER html %] (<em>[% description FILTER html %]</em>)
+- gehört zu [% terms.bug %] [%+ attach_bug_id FILTER html %],
++ Anhang [% attach_id FILTER html %] gehört zu [% terms.bug %],
+ daher ist es nicht möglich, ihn während der Anlage eines
+ Anhangs zu einem anderen [% terms.bug %] (in Ihrem
+ Fall [% terms.bug %] [%+ my_bug_id FILTER html %]) als obsolet zu markieren.
+--- ./de/default/global/confirm-user-match.html.tmpl.orig
++++ ./de/default/global/confirm-user-match.html.tmpl
+@@ -209,7 +209,7 @@
+ [% ELSIF field_labels.$field_name %]
+ [% field_labels.$field_name FILTER html %]
+ [% ELSIF field_name.match("^requestee") %]
+- [% fields.${field_name}.flag_type.name %] Anfrager
++ [% fields.${field_name}.flag_type.name FILTER html %] Anfrager
+ [% ELSE %]
+ [% field_name FILTER html %]
+ [% END %]
+--- ./de/default/global/field-descs.none.tmpl.orig
++++ ./de/default/global/field-descs.none.tmpl
+@@ -134,6 +134,7 @@
+ "setting" => "Einstellungstyp",
+ "settings" => "Einstellungstypen",
+ "short_desc" => "Kurzbeschreibung",
++ "short_short_desc" => "Kurzbeschreibung",
+ "status_whiteboard" => "Statusnotiz",
+ "tag.name" => "Schlagwörter",
+ "target_milestone" => "Ziel-Meilenstein",
+--- ./de/default/global/user-error.html.tmpl.orig
++++ ./de/default/global/user-error.html.tmpl
+@@ -1970,7 +1970,7 @@
+
+ [% FOREACH q = Bugzilla.user.queries %]
+ [% IF q.name == namedcmd %]
+- or <a href="query.cgi?[% q.url FILTER uri %]">bearbeiten</a>
++ or <a href="query.cgi?[% q.url FILTER html %]">bearbeiten</a>
+ [% END %]
+ [% END %].
+ </p>
+--- ./de/default/reports/report-table.html.tmpl.orig
++++ ./de/default/reports/report-table.html.tmpl
+@@ -104,7 +104,7 @@
+ var myColumnDefs = [
+ {key:"row_title", label:"", sortable:true, sortOptions: { sortFunction:totalNumberSorter }},
+ [% FOREACH col = col_names %]
+- {key:"[% col FILTER js %]", label:"[% display_value(col_field, col) FILTER js %]", sortable:true,
++ {key:"[% col FILTER js %]", label:"[% display_value(col_field, col) FILTER html FILTER js %]", sortable:true,
+ formatter:this.Linkify, sortOptions: { defaultDir: YAHOO.widget.DataTable.CLASS_DESC, sortFunction:totalNumberSorter }},
+ [% END %]
+ {key:"total", label:"Gesamt", sortable:true, formatter:this.LinkifyTotal,
+--- ./de/default/reports/report.html.tmpl.orig
++++ ./de/default/reports/report.html.tmpl
+@@ -172,7 +172,7 @@
+ zu diesem Bericht ändern</a>
+ [% ELSE %]
+ <a href="query.cgi?[% switchbase %]&amp;chart_format=
+- [% format %]&amp;format=report-graph&amp;cumulate=[% cumulate %]">
++ [% format FILTER uri %]&amp;format=report-graph&amp;cumulate=[% cumulate %]">
+ Abfrage zu diesem Bericht ändern
+ </a>
+ [% END %]
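Review bot: the tabular-report XSS fix in report-table.html.tmpl applies `FILTER html FILTER js` in that order, which matches the context: the label is emitted into a JavaScript string literal and later rendered as HTML by the YUI DataTable, so html-escaping the value first and then js-escaping the resulting string is the right layering. The paired filterexceptions.pl removals (`'format'` and the flag_type.name entry) correspond to the new `[% format FILTER uri %]` in report.html.tmpl and `FILTER html` in confirm-user-match.html.tmpl, so the allowlist and the templates stay in sync. The `q.url FILTER uri` to `FILTER html` change in user-error.html.tmpl is also correct: `FILTER uri` percent-encodes the whole pre-built query string (mangling its `&` and `=` separators), whereas `FILTER html` is the escaping an href attribute needs. The `[% IF user.id %]` guard around the classification index in edit.html.tmpl is the product-name disclosure fix; note that the added `"short_short_desc"` field description is a functional rather than security change and is fine to carry in the same patch, but deserves a mention in the commit message.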
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 508242d058f5..23e8d515d82d 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -51,6 +51,63 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="2b841f88-2e8d-11e2-ad21-20cf30e32f6d">
+ <topic>bugzilla -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>bugzilla</name>
+ <range><ge>3.6.0</ge><lt>3.6.12</lt></range>
+ <range><ge>4.0.0</ge><lt>4.0.9</lt></range>
+ <range><ge>4.2.0</ge><lt>4.2.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <h1>A Bugzilla Security Advisory reports:</h1>
+ <blockquote cite="http://www.bugzilla.org/security/3.6.11/">
+ <p>The following security issues have been discovered in
+ Bugzilla:</p>
+ <h1>Information Leak</h1>
+ <p>If the visibility of a custom field is controlled by a product
+ or a component of a product you cannot see, their names are
+ disclosed in the JavaScript code generated for this custom field
+ despite they should remain confidential.</p>
+ <p>Calling the User.get method with a 'groups' argument leaks the
+ existence of the groups depending on whether an error is thrown
+ or not. This method now also throws an error if the user calling
+ this method does not belong to these groups (independently of
+ whether the groups exist or not).</p>
+ <p>Trying to mark an attachment in a bug you cannot see as obsolete
+ discloses its description in the error message. The description
+ of the attachment is now removed from the error message.</p>
+ <h1>Cross-Site Scripting</h1>
+ <p>Due to incorrectly filtered field values in tabular reports,
+ it is possible to inject code leading to XSS.</p>
+ <p>A vulnerability in swfstore.swf from YUI2 allows JavaScript
+ injection exploits to be created against domains that host this
+ affected YUI .swf file.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-4199</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=731178</url>
+ <cvename>CVE-2012-4198</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=781850</url>
+ <cvename>CVE-2012-4197</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=802204</url>
+ <cvename>CVE-2012-4189</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=790296</url>
+ <cvename>CVE-2012-5475</cvename>
+ <url>https://bugzilla.mozilla.org/show_bug.cgi?id=808845</url>
+ <url>http://yuilibrary.com/support/20121030-vulnerability/</url>
+ </references>
+ <dates>
+ <discovery>2012-11-13</discovery>
+ <entry>2012-11-14</entry>
+ </dates>
+ </vuln>
+
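Review bot: the three `<range>` entries under a single `<package><name>bugzilla</name>` rely on devel/bugzilla, devel/bugzilla3 and devel/bugzilla42 all sharing `PORTNAME= bugzilla`, which the Makefile hunks above confirm; the german/bugzilla* ports in this same commit also set `PORTNAME= bugzilla` and stay at 4.0.8_1, 3.6.11_1 and 4.2.3_1, so unless their package names carry a prefix (not visible in this diff) they would be reported as vulnerable despite now carrying the template fixes, which is worth confirming before the entry is merged. The `<cvename>`/`<url>` pairs match the five CVEs in the commit message, the `cite` URL naming the advisory after the oldest affected version (3.6.11) follows Bugzilla's convention, and the discovery (2012-11-13) and entry (2012-11-14) dates preceding this 2012-11-15 MFH commit is expected for a merge from head.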
<vuln vid="79818ef9-2d10-11e2-9160-00262d5ed8ee">
<topic>typo3 -- Multiple vulnerabilities in TYPO3 Core</topic>
<affects>