[sitebar] Several remote vulnerabilities

Bug #175319 reported by disabled.user
Affects           Status        Importance  Assigned to  Milestone
sitebar (Debian)  Fix Released  Unknown
sitebar (Ubuntu)  Fix Released  Undecided   Unassigned
Dapper            Won't Fix     Undecided   Unassigned
Edgy              Won't Fix     Undecided   Unassigned
Feisty            Won't Fix     Undecided   Unassigned
Gutsy             Won't Fix     Undecided   Unassigned
Hardy             Fix Released  Undecided   Unassigned

Bug Description

Binary package hint: sitebar

References:
DSA-1423-1 (http://www.debian.org/security/2007/dsa-1423)

Quoting:
"Several remote vulnerabilities have been discovered in sitebar, a web based bookmark manager written in PHP."

For further information, see Debian's BTS and the CVS links.

disabled.user (disabled.user-deactivatedaccount) wrote :

I was trying to add the mentioned Debian bugs from the DSA, but unfortunately Launchpad only lets me add one bug per package per distribution. Here are the direct links, just for convenience:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447135
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448689
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448690

Changed in sitebar:
status: Unknown → Fix Released
Wouter Stomp (wouterstomp-deactivatedaccount) wrote :

These have all been fixed in hardy in 3.3.8-12.1. Does this need to be backported?

Stephan Rügamer (sruegamer) wrote :

Well,

someone needs to check the versions in gutsy, feisty, edgy, dapper, if they are vulnerable too.

Anyone? Emgent?

\sh

William Grant (wgrant)
Changed in sitebar:
status: New → Fix Released
Hew (hew) wrote :

Ubuntu Edgy Eft is no longer supported, so an SRU will not be issued for this release. Marking Edgy as Won't Fix.

Changed in sitebar:
status: New → Won't Fix
Hew (hew) wrote :

Ubuntu Feisty Fawn is no longer supported, so an SRU will not be issued for this release. Marking Feisty as Won't Fix.

Changed in sitebar:
status: New → Won't Fix
Sergio Zanchetta (primes2h) wrote :

The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.

Changed in sitebar (Ubuntu Gutsy):
status: New → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in sitebar (Ubuntu Dapper):
status: New → Won't Fix
This report contains Public Security information  
Everyone can see this security related information.
