[Bug 526872] New: Update to rt 3.6.9
bugzilla at redhat.com
bugzilla at redhat.com
Fri Oct 2 08:30:44 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Update to rt 3.6.9
https://bugzilla.redhat.com/show_bug.cgi?id=526872
Summary: Update to rt 3.6.9
Product: Fedora EPEL
Version: el5
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: low
Component: rt3
AssignedTo: xavier at bachelot.org
ReportedBy: xavier at bachelot.org
QAContact: extras-qa at fedoraproject.org
CC: xavier at bachelot.org, rc040203 at freenet.de,
fedora-perl-devel-list at redhat.com, mmahut at redhat.com
Classification: Fedora
Description of problem:
All versions of RT from 3.4.6 to 3.8.4 are vulnerable to an escaping bug in the
display of Custom Fields that could allow injection of javascript into the RT
UI.
http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-perl-devel-list
mailing list