[ANN] Release of Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3
Today we have four new releases. One new development snapshot (3.7.3), one new stable release (3.6.2) and two security updates for the old stable releases (3.4.8 and 3.2.8). Bugzilla 3.6.2 is our latest stable release. It contains various useful bug fixes and security improvements for the 3.6 branch. Bugzilla 3.4.8 and 3.2.8 are security updates for the 3.4 branch and the 3.2 branch, respectively. Bugzilla 3.7.3 is our third unstable development release leading to Bugzilla 4.0. We have done a fair amount of QA on this release. However, QA found many bugs that have not yet been fixed, so this release should not be used in production environments. Development releases exist as previews of the features that a future release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback. So, if you find a bug in this development release (or you don't like how some feature works) please tell us. Download -------- Bugzilla is available at: http://www.bugzilla.org/download/ Release Notes & Changes ----------------------- Before installing or upgrading, you should read the Release Notes for this version of Bugzilla: 3.6.2: http://www.bugzilla.org/releases/3.6.2/release-notes.html 3.4.8: http://www.bugzilla.org/releases/3.4.8/release-notes.html 3.2.8: http://www.bugzilla.org/releases/3.2.8/release-notes.html It is particularly important to read the Release Notes if you are upgrading from one major version to another (like 3.4.x to 3.6.x). To see a list of all changes between your version of Bugzilla and the current version of Bugzilla, you can use the chart at: http://www.bugzilla.org/status/changes.html The Bugzilla Update ------------------- You can see the latest updates from the Bugzilla Project and the status of Bugzilla development on The Bugzilla Update: http://bugzillaupdate.wordpress.com/ Report Bugs ----------- If you find a bug in Bugzilla, please report it! Instructions are at this URL: http://www.bugzilla.org/developers/reporting_bugs.html Support ------- You can ask questions for free on the mailing lists (or in IRC) about Bugzilla, or you can hire a paid consultant to help you out: Free Support: http://www.bugzilla.org/support/ Paid Support: http://www.bugzilla.org/support/consulting.html About Bugzilla -------------- Bugzilla is a "Defect Tracking System" or "Bug-Tracking System." Defect Tracking Systems allow individuals or groups of developers to keep track of outstanding bugs in their product effectively. Most commercial defect-tracking software vendors charge enormous licensing fees. Despite being "free", Bugzilla has many features its expensive counterparts lack. Consequently, Bugzilla has quickly become a favorite of thousands of organizations across the globe, and is widely regarded as one of the top defect-tracking systems available. See http://www.bugzilla.org/about/ for more details. -Max Kanat-Alexander Release Manager, Bugzilla Project
|
0 |
|
Max
8/6/2010 4:32:33 AM
mozilla.support.bugzilla
10182 articles. 
0 followers.
0 Replies
1257 Views
Similar Artilces:
[ANN] Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability. * It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you could browse a particular URL to see all product names. * YUI 2.8.1, which shipped with Bugzilla starting with 3.7.x, contain...
[ANN] Release of Bugzilla 3.2.2, 3.0.8, and 3.3.3
Bugzilla 3.2.1, 3.0.7, and 3.3.2 contained a bug that was critical for any installation running under mod_perl, due to an unintentional interaction between the various security fixes in those releases. We are releasing three new releases today to fix the critical issue: 3.2.2, 3.0.8, and 3.3.3. They are identical to the previous release except that they have this one fix for installations running under mod_perl. Download -------- Bugzilla is available at: http://www.bugzilla.org/download/ Security Advisory ----------------- Details of the fix are in the Security Adviso...
[ANN] Release of Bugzilla 4.3.3, 4.2.3, 4.0.8, and 3.6.11
Today we are releasing 4.2.3, 4.0.8, 3.6.11, and the unstable development snapshot 4.3.3. All of today's releases contain security fixes. We recommend all Bugzilla administrators to read the Security Advisory linked below. Bugzilla 4.2.3 is our latest stable release. It contains various useful bug fixes and security fixes for the 4.2 branch. Bugzilla 4.0.8 and 3.6.11 are security updates for the 4.0 branch and the 3.6 branch, respectively. Both also contain one bug fix. Note that 4.3.3 is an unstable development release and should not be used in production envir...
[ANN] Release of Bugzilla 3.2.7, 3.4.7, 3.6.1, and 3.7.1
Today we have four new releases! One new development snapshot (3.7.1), two new stable releases (3.6.1 and 3.4.7) and one update for the legacy 3.2 branch (3.2.7). Bugzilla 3.6.1 is our latest stable release. It contains some significant bug fixes for the 3.6 branch. Bugzilla 3.4.7 is the last bug-fix release for the 3.4 series. After this, there will only be additional 3.4 releases if there are security issues discovered in the 3.4 series. Bugzilla 3.2.7 is a security update for the 3.2 branch. Bugzilla 3.7.1 is our first unstable development release on the road to ...
[ANN] Security Advisory for Bugzilla 3.2.7, 3.4.7, 3.6.1, and 3.7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * It was possible to (at least partially) determine the membership of any group using the Search interface. * It was possible to use the 'sudo' feature without sending a notification to the user being impersonated. * The 'Reports' and 'Duplicates' pages let you guess the name of products you could not see, due to the error message ...
[ANN] Release of Bugzilla 3.2.1, 3.0.7, 2.22.7, and 3.3.2
Today we have some major security improvements for Bugzilla in the form of four releases. We strongly recommend that all Bugzilla administrators read the Security Advisory for these releases, which is linked below in this email. Bugzilla 3.2.1 is our latest stable release. It contains various useful bug fixes in addition to major security improvements. Bugzilla 3.0.7 and Bugzilla 2.22.7 are security updates for their branches. Bugzilla 3.3.2 is an unstable development release. In addition to the security fixes that all the other releases contain, this release contains n...
[ANN] Security Advisory for Bugzilla 3.2.6, 3.4.6, 3.6, and 3.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * Everybody could search for time-tracking information, not just members of the timetrackinggroup. * Under suexec, "localconfig" was world-readable, meaning that local users with shell access to the Bugzilla server may have been able to see the database password and the site_wide_secret. All affected installations are encouraged to upgrade as so...
[ANN] Release of Bugzilla 3.0.10, 3.2.6, 3.4.5, and 3.5.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Today we have four new releases: Bugzilla 3.4.5 is our latest stable release. It contains various useful bug fixes and security improvements. Bugzilla 3.2.6 is a security update for the 3.2 branch, and Bugzilla 3.0.11 is a security update for the 3.0 branch. Bugzilla 3.5.3 is our latest unstable development release. We are now feature-frozen for 3.6, so though there will be a few functional changes between now and the final release, this is mostly what 3.6 will look like when it comes out. As usual with development release...
Security advisory for Bugzilla 4.3.3, 4.2.3, 4.0.8 and 3.6.11
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * When the user logs in using LDAP, the username is not escaped before being passed to LDAP which could potentially lead to LDAP injection. * Extensions are not protected against directory browsing by default and users can view the source code of templates used by the extensions. These templates may contain sensitive data. All affected installations ar...
[ANN] Release of Bugzilla 3.2.3 and 3.3.4
Today we have two new versions of Bugzilla for you. Bugzilla 3.2.3 is our latest stable release. It contains various useful bug fixes and security improvements. Bugzilla 3.3.4 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. If you find a bug in this development release (or you don't like how some feature works) please tell us by filing a bug. Both of today's releases contain a security fix. Please see our latest Security Advisory for details. Note that old...
[ANN] Release of Bugzilla 3.2.9, 3.4.9, 3.6.3, and 4.0rc1
Today we are announcing the first Release Candidate for Bugzilla 4.0, in addition to one new stable release and two security-only updates for the 3.2.x and 3.4.x series. Bugzilla 4.0rc1 is our first Release Candidate for Bugzilla 4.0. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk. In particular, certain aspects of the WebServices have not yet been tested as part of this Release Candidate, so ...
[ANN] Release of Bugzilla 4.3.2, 4.2.2, 4.0.7, and 3.6.10
Today we are releasing 4.2.2, 4.0.7, 3.6.10, and the unstable development snapshot 4.3.2. All of today's releases contain security fixes. We recommend all Bugzilla administrators to read the Security Advisory linked below. Bugzilla 4.2.2 is our latest stable release. It contains various useful bug fixes and security fixes for the 4.2 branch. Bugzilla 4.0.7 and 3.6.10 are security updates for the 4.0 branch and the 3.6 branch, respectively. 4.0.7 also contains several bug fixes. Note that 4.3.2 is an unstable development release and should not be used in producti...
[ANN] Release of Bugzilla 4.1.3, 4.0.2, 3.6.6, and 3.4.12
Today we are releasing 4.0.2, 3.6.6, 3.4.12, and the unstable development snapshot 4.1.3. All of today's releases contain security fixes. We recommend all Bugzilla administrators read the Security Advisory linked below. 4.0.2 is our latest stable release, containing various useful bug fixes and performance improvements. 3.6.6 and 3.4.12 are security updates for those series. Note that 4.1.3 is an unstable development release and should not be used in production environments. We are feature-frozen at this point, however, so the features you see in 4.1.3 shoul...
[ANN] Release of Bugzilla 3.2.10, 3.4.10, 3.6.4, and 4.0rc2
Some serious security issues were discovered in Bugzilla, and as a result we have four security releases for you today. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases, and we also recommend that you update as soon as possible. Bugzilla 4.0rc2 is our second Release Candidate for Bugzilla 4.0. This release has received QA testing and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability. * It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you could browse a particular URL to see all product names. * YUI 2.8.1, which shipped with Bugzilla starting with 3.7.x, contain...
[ANN] Release of Bugzilla 3.2.2, 3.0.8, and 3.3.3
Bugzilla 3.2.1, 3.0.7, and 3.3.2 contained a bug that was critical for any installation running under mod_perl, due to an unintentional interaction between the various security fixes in those releases. We are releasing three new releases today to fix the critical issue: 3.2.2, 3.0.8, and 3.3.3. They are identical to the previous release except that they have this one fix for installations running under mod_perl. Download -------- Bugzilla is available at: http://www.bugzilla.org/download/ Security Advisory ----------------- Details of the fix are in the Security Adviso...
[ANN] Release of Bugzilla 4.3.3, 4.2.3, 4.0.8, and 3.6.11
Today we are releasing 4.2.3, 4.0.8, 3.6.11, and the unstable development snapshot 4.3.3. All of today's releases contain security fixes. We recommend all Bugzilla administrators to read the Security Advisory linked below. Bugzilla 4.2.3 is our latest stable release. It contains various useful bug fixes and security fixes for the 4.2 branch. Bugzilla 4.0.8 and 3.6.11 are security updates for the 4.0 branch and the 3.6 branch, respectively. Both also contain one bug fix. Note that 4.3.3 is an unstable development release and should not be used in production envir...
[ANN] Release of Bugzilla 3.2.7, 3.4.7, 3.6.1, and 3.7.1
Today we have four new releases! One new development snapshot (3.7.1), two new stable releases (3.6.1 and 3.4.7) and one update for the legacy 3.2 branch (3.2.7). Bugzilla 3.6.1 is our latest stable release. It contains some significant bug fixes for the 3.6 branch. Bugzilla 3.4.7 is the last bug-fix release for the 3.4 series. After this, there will only be additional 3.4 releases if there are security issues discovered in the 3.4 series. Bugzilla 3.2.7 is a security update for the 3.2 branch. Bugzilla 3.7.1 is our first unstable development release on the road to ...
[ANN] Security Advisory for Bugzilla 3.2.7, 3.4.7, 3.6.1, and 3.7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * It was possible to (at least partially) determine the membership of any group using the Search interface. * It was possible to use the 'sudo' feature without sending a notification to the user being impersonated. * The 'Reports' and 'Duplicates' pages let you guess the name of products you could not see, due to the error message ...
[ANN] Release of Bugzilla 3.2.1, 3.0.7, 2.22.7, and 3.3.2
Today we have some major security improvements for Bugzilla in the form of four releases. We strongly recommend that all Bugzilla administrators read the Security Advisory for these releases, which is linked below in this email. Bugzilla 3.2.1 is our latest stable release. It contains various useful bug fixes in addition to major security improvements. Bugzilla 3.0.7 and Bugzilla 2.22.7 are security updates for their branches. Bugzilla 3.3.2 is an unstable development release. In addition to the security fixes that all the other releases contain, this release contains n...
[ANN] Security Advisory for Bugzilla 3.2.6, 3.4.6, 3.6, and 3.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * Everybody could search for time-tracking information, not just members of the timetrackinggroup. * Under suexec, "localconfig" was world-readable, meaning that local users with shell access to the Bugzilla server may have been able to see the database password and the site_wide_secret. All affected installations are encouraged to upgrade as so...
[ANN] Release of Bugzilla 3.0.10, 3.2.6, 3.4.5, and 3.5.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Today we have four new releases: Bugzilla 3.4.5 is our latest stable release. It contains various useful bug fixes and security improvements. Bugzilla 3.2.6 is a security update for the 3.2 branch, and Bugzilla 3.0.11 is a security update for the 3.0 branch. Bugzilla 3.5.3 is our latest unstable development release. We are now feature-frozen for 3.6, so though there will be a few functional changes between now and the final release, this is mostly what 3.6 will look like when it comes out. As usual with development release...
Security advisory for Bugzilla 4.3.3, 4.2.3, 4.0.8 and 3.6.11
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: * When the user logs in using LDAP, the username is not escaped before being passed to LDAP which could potentially lead to LDAP injection. * Extensions are not protected against directory browsing by default and users can view the source code of templates used by the extensions. These templates may contain sensitive data. All affected installations ar...
[ANN] Release of Bugzilla 3.2.3 and 3.3.4
Today we have two new versions of Bugzilla for you. Bugzilla 3.2.3 is our latest stable release. It contains various useful bug fixes and security improvements. Bugzilla 3.3.4 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. If you find a bug in this development release (or you don't like how some feature works) please tell us by filing a bug. Both of today's releases contain a security fix. Please see our latest Security Advisory for details. Note that old...
[ANN] Release of Bugzilla 3.2.9, 3.4.9, 3.6.3, and 4.0rc1
Today we are announcing the first Release Candidate for Bugzilla 4.0, in addition to one new stable release and two security-only updates for the 3.2.x and 3.4.x series. Bugzilla 4.0rc1 is our first Release Candidate for Bugzilla 4.0. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk. In particular, certain aspects of the WebServices have not yet been tested as part of this Release Candidate, so ...
[ANN] Release of Bugzilla 4.3.2, 4.2.2, 4.0.7, and 3.6.10
Today we are releasing 4.2.2, 4.0.7, 3.6.10, and the unstable development snapshot 4.3.2. All of today's releases contain security fixes. We recommend all Bugzilla administrators to read the Security Advisory linked below. Bugzilla 4.2.2 is our latest stable release. It contains various useful bug fixes and security fixes for the 4.2 branch. Bugzilla 4.0.7 and 3.6.10 are security updates for the 4.0 branch and the 3.6 branch, respectively. 4.0.7 also contains several bug fixes. Note that 4.3.2 is an unstable development release and should not be used in producti...
[ANN] Release of Bugzilla 4.1.3, 4.0.2, 3.6.6, and 3.4.12
Today we are releasing 4.0.2, 3.6.6, 3.4.12, and the unstable development snapshot 4.1.3. All of today's releases contain security fixes. We recommend all Bugzilla administrators read the Security Advisory linked below. 4.0.2 is our latest stable release, containing various useful bug fixes and performance improvements. 3.6.6 and 3.4.12 are security updates for those series. Note that 4.1.3 is an unstable development release and should not be used in production environments. We are feature-frozen at this point, however, so the features you see in 4.1.3 shoul...
[ANN] Release of Bugzilla 3.2.10, 3.4.10, 3.6.4, and 4.0rc2
Some serious security issues were discovered in Bugzilla, and as a result we have four security releases for you today. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases, and we also recommend that you update as soon as possible. Bugzilla 4.0rc2 is our second Release Candidate for Bugzilla 4.0. This release has received QA testing and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at ...
Web resources about - [ANN] Release of Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3 - mozilla.support.bugzilla
Bugzilla - Wikipedia, the free encyclopediaBugzilla is a Web -based general-purpose bugtracker and testing tool originally developed and used by the Mozilla project, and licensed under ...
Bugzilla Main PageThis is the bug tracker for MediaWiki and its extensionsand site-specific problems on Wikimedia's wiki sites. Welcome to Bugzilla. To see what's ...
Critical Bugzilla vulnerability could give hackers access to undisclosed software flawsHackers could have had an inside track on unpatched flaws in major software projects because of a critical vulnerability in Bugzilla, a system ...
Bugzilla 0-day can reveal 0-day bugs in OSS giants like Mozilla, Red HatC Security firm Check Point Software Technologies used a flaw it discovered in the Perl programming language to hack into the popular Bugzilla ...
Mozilla loses more user info, this time data of 97,000 customers goes out through Bugzilla... has come to light regarding the loss of another 97,000 emails and passwords that were left exposed. The latest issue comes via Bugzilla, and ...
Bugzilla, my first wiki
Bugzilla introduced me to the world of wikis. It took me a while to understand the power of wikis. But I remember years ago when I first used ...
Bugzilla introduced me to the world of wikis. It took me a while to understand the power of wikis. But I remember years ago when I first used ...
Mozilla's Bugzilla Hacked, Exposing Firefox Zero-Days
The good news in this bad situation is that Firefox is already patched for all the issues.
The good news in this bad situation is that Firefox is already patched for all the issues.
Bugzilla Zero-Day Exposes Zero-Day BugsA previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions ...
Critical Bugzilla vulnerability could give hackers access to undisclosed software flaws
Hackers could have had an inside track on unpatched flaws in major software projects because of a critical vulnerability in Bugzilla, a system ...
Hackers could have had an inside track on unpatched flaws in major software projects because of a critical vulnerability in Bugzilla, a system ...
Bugzilla API - ProgrammableWebBugzilla is the bug tracking and reporting system created and used by Mozilla. It is also available for use by other projects and organizations. ...
Resources last updated: 11/28/2015 5:40:57 PM