---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Debian update for bugzilla SECUNIA ADVISORY ID: SA22826 VERIFY ADVISORY: http://secunia.com/advisories/22826/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Privilege escalation WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for bugzilla. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to conduct cross-site scripting attacks. For more information: SA18218 SA22409 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/b/bugzilla/bugzilla_2.16.7-7sarge2.dsc Size/MD5 checksum: 672 94d9f5a0686916545b0a2331cf701e9b http://security.debian.org/pool/updates/main/b/bugzilla/bugzilla_2.16.7-7sarge2.diff.gz Size/MD5 checksum: 58117 4b7c3e3f2dd3a25c85cc422431915355 http://security.debian.org/pool/updates/main/b/bugzilla/bugzilla_2.16.7.orig.tar.gz Size/MD5 checksum: 1378708 b3f3fcac3103c139a218e7316a9bbcc7 Architecture independent components: http://security.debian.org/pool/updates/main/b/bugzilla/bugzilla-doc_2.16.7-7sarge2_all.deb Size/MD5 checksum: 572342 353444279ff5ea591fdc70aaf18fa690 http://security.debian.org/pool/updates/main/b/bugzilla/bugzilla_2.16.7-7sarge2_all.deb Size/MD5 checksum: 368594 93e7597ee670fe72b8a68f796a5f4b4d -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.22.1-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1208 OTHER REFERENCES: SA18218: http://secunia.com/advisories/18218/ SA22409: http://secunia.com/advisories/22409/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------