Bugzilla Security AdvisoryAug 30th, 2001
Author: Matthew Tuck
OverviewUsers of Bugzilla are recommended to update to version 2.14.
Bugzilla 2.14 is a general security update, but not all of the security issues are serious.
Serious issues include:
- Multiple instances where data on "confidential" bugs could be obtained by valid users of the system not authorised to.
- Multiple instances of security holes where parameters were not being checked/escaped properly.