-
Notifications
You must be signed in to change notification settings - Fork 19
Expand file tree
/
Copy pathsecurity.html
More file actions
104 lines (89 loc) · 2.99 KB
/
Copy pathsecurity.html
File metadata and controls
104 lines (89 loc) · 2.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
---
layout: default
---
{% comment %}
The following captures are so we can make paragraphs indent
{% endcomment -%}
{% capture newline %}
{% endcapture -%}
{% capture linespace %}
{% endcapture -%}
{% capture shortlinespace %}
{% endcapture -%}
{% comment %}
The following is a hack to make plurals or lack of them work correctly in
sentences.
{% endcomment -%}
{%- assign bugcount = page.bugs | size -%}
{%- assign issue = "issue" -%}
{%- assign this = "this" -%}
{%- assign has = "has" -%}
{%- if bugcount > 1 -%}
{%- assign issue = "issues" -%}
{%- assign this = "these" -%}
{%- assign has = "have" -%}
{%- endif -%}
{% comment %}
Page content starts here!
{% endcomment -%}
{{ page.date | date: '%A, ' }}{{ page.date | date_to_string: "ordinal", "US" }}<br/>
{% if page.bugs %}
<pre>
Summary
=======
Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security {{ issue }} {{ has }} been discovered
in Bugzilla:
{% for bug in page.bugs %}
* {{ bug.summary | replace: newline, shortlinespace }}
{% endfor %}
All affected installations are encouraged to upgrade as soon as
possible.
Vulnerability Details
=====================
{% for bug in page.bugs %}
{% if bug.class %}Class: {{ bug.class }}
{% endif -%}
{% if bug.affected %}Affected: {{ bug.affected | replace: newline, linespace }}
{% endif -%}
{% if bug.fixed-in %}Fixed In: {{ bug.fixed-in | replace: newline, linespace }}
{% endif -%}
{% if bug.description %}Description: {{ bug.description | replace: newline, linespace }}
{% endif -%}
{% if bug.references %}References: {{ bug.references | replace: newline, linespace }}
{% endif -%}
{% if bug.cve %}CVE Number: {{ bug.cve }}
{% endif %}
{% endfor %}
Vulnerability Solutions
=======================
The fix for {{ this }} {{ issue }} is included in the {{ page.fixed-in }}
releases. Upgrading to a release with the relevant fix will
protect your installation from possible exploits of {{ this }} {{ issue }}.
If you are unable to upgrade but would like to patch just the security
vulnerability, there are patches available for the {{ issue }} at the
"References" URL.
Full release downloads, patches to upgrade Bugzilla from previous
versions, and git upgrade instructions are available at:
https://www.bugzilla.org/download/
{% if page.additional %}
{{ page.additional }}
{% endif %}
Credits
=======
The Bugzilla team wish to thank the following people for their
assistance in locating, advising us of, and assisting us to fix this
issue:
{% for bug in page.bugs %}
{% capture pre %}{% if forloop.length > 1 %}Issue {{ forloop.index }} {% endif %}{% endcapture %}
{{ pre }}Reporter: {{ bug.reported-by }}
{{ pre }}Fixed by: {{ bug.fixed-by }}
{% endfor %}
General information about the Bugzilla bug-tracking system can be found
at:
https://www.bugzilla.org/
Comments and follow-ups can be directed to the support-bugzilla mailing list.
https://www.bugzilla.org/support/ has directions for accessing this forum.
</pre>
{% endif %}
{{ content }}