TITLE:
Conectiva update for Bugzilla

SECUNIA ADVISORY ID:
SA10152

VERIFY ADVISORY:
[Only registered and activated users can see links]

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, Manipulation of data, Exposure of sensitive
information, Privilege escalation

WHERE:
From remote

OPERATING SYSTEM:
Conectiva Linux 9

DESCRIPTION:
Conectiva has issued updated packages for bugzilla. These fix
multiple vulnerabilities, which can be exploited by malicious users
to inject arbitrary SQL queries or gain knowledge of sensitive
information.

For more information:
SA10149

SOLUTION:
Apply updated packages.

-- Conectiva Linux 9 --

ftp://atualizacoes.conectiva.com.br/9/RPMS/bugzilla-2.16.4-29154U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/bugzilla-doc-2.16.4-29154U90_1cl.i386.rpm

SRPM:
ftp://atualizacoes.conectiva.com.br/9/SRPMS/bugzilla-2.16.4-29154U90_1cl.src.rpm

OTHER REFERENCES:
SA10149:
[Only registered and activated users can see links]

----------------------------------------------------------------------