2.14 Security Advisory
Thursday, Aug 30th, 2001Bugzilla Security Advisory
Aug 30th, 2001Author: Matthew Tuck
Overview
Users of Bugzilla are recommended to update to version 2.14.Bugzilla 2.14 is a general security update, but not all of the security issues are serious.
Serious issues include:
- Multiple instances where data on "confidential" bugs could be obtained by valid users of the system not authorised to.
- Multiple instances of security holes where parameters were not being checked/escaped properly.