Bug 43883

Summary: BugZilla contains multiple security holes which must be corrected or denied
Product: Ports & Packages Reporter: Jason Li <delphij>
Component: Individual Port(s)Assignee: Alexey Zelkin <phantom>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff
none
file.diff none

Description Jason Li 2002-10-10 03:00:13 UTC 
As said in BugZilla's homepage,

All Bugzilla installations are advised to upgrade to the latest versions
of Bugzilla, 2.14.4 and 2.16.1, both released today. Security issues of 
varying importance have been fixed in both.  These vulnerabilities affect 
all previous 2.14 and 2.16 releases.

There're multiple security holes that must be solved by upgrading to the latest 2.16.1.

Fix: Do some changes in ports/devel/bugzilla. Considering the original port was 2.14.3, I think 2.14.4 would be better, so apply this patch on the port:
How-To-Repeat: This behavior is by design...
Comment 1 Ying-Chieh Liao freebsd_committer freebsd_triage 2002-10-10 03:44:28 UTC 
Responsible Changed
From-To: freebsd-ports->phantom

over to maintainer
Comment 2 Alexey Zelkin freebsd_committer freebsd_triage 2003-01-23 15:56:48 UTC 
State Changed
From-To: open->closed

Problem was fixed 3 months ago.  Close PR.