Updated bugzilla package fixes multiple vulnerabilities
Publication date: 02 May 2014
Type: security
Affected Mageia releases: 3
CVE: CVE-2013-1733, CVE-2013-1734, CVE-2013-1743, CVE-2013-1742, CVE-2014-1517
Description
Updated bugzilla packages fix security vulnerabilities:

Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token (CVE-2013-1733).

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action (CVE-2013-1734).

Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) sortkey parameter (CVE-2013-1742).

Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the (1) summary or (2) real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189 (CVE-2013-1743).

The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to log in to the attacker's account and then submit a vulnerability report, related to a "login CSRF" issue (CVE-2014-1517).
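The affected ranges above are per upstream branch, so a single "older than 4.4.1" comparison misclassifies hosts on the 4.0 and 4.2 branches. The following Python is an added example, not part of the Mageia advisory or of Bugzilla; the names `AFFECTED`, `parse_version` and `open_cves` are hypothetical, and the ranges are transcribed from the description as written.

```python
import re

# Half-open intervals [first, fixed) transcribed from the advisory text.
# Each upstream branch group has its own fixed release.
OLD = ((2, 0, 0), (4, 0, 11))    # 2.x, 3.x, 4.0.x before 4.0.11
B42 = ((4, 1, 0), (4, 2, 7))     # 4.1.x, 4.2.x before 4.2.7
B44 = ((4, 3, 0), (4, 4, 1))     # 4.3.x, 4.4.x before 4.4.1

AFFECTED = {
    "CVE-2013-1733": [((4, 4, 0), (4, 4, 1))],
    "CVE-2013-1734": [OLD, B42, B44],
    "CVE-2013-1742": [OLD, B42, B44],
    "CVE-2013-1743": [B42, B44],
    "CVE-2014-1517": [((2, 0, 0), (4, 4, 3)), ((4, 5, 0), (4, 5, 3))],
}

_VERSION = re.compile(r"(?:bugzilla-)?(\d+(?:\.\d+){0,2})")


def parse_version(text):
    """Return (major, minor, patch) from '4.2.6' or 'bugzilla-4.4.4-1.1.mga3'."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"no Bugzilla version in {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def open_cves(version_text):
    """List the advisory's CVEs whose affected range contains this version."""
    v = parse_version(version_text)
    return sorted(
        cve for cve, ranges in AFFECTED.items()
        if any(lo <= v < hi for lo, hi in ranges)
    )


if __name__ == "__main__":
    # Constructed sample inputs; the last is the fixed package from this advisory.
    for sample in ("4.4", "4.2.6", "4.2.7", "4.0.10", "bugzilla-4.4.4-1.1.mga3"):
        print(sample, "->", open_cves(sample) or "none of these CVEs")
```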
References
- http://www.bugzilla.org/security/4.0.10/
- http://www.bugzilla.org/security/4.0.11/
- http://www.bugzilla.org/releases/4.4.4/release-notes.html
- http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:285/
- https://lists.fedoraproject.org/pipermail/package-announce/2014-April/132309.html
- https://bugs.mageia.org/show_bug.cgi?id=10897
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1733
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1734
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1743
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1742
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1517
SRPMS
3/core
- bugzilla-4.4.4-1.1.mga3