CVE-2010-2759
Published: 16 August 2010
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
bugzilla Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| hardy |
Ignored
(end of life)
|
|
| jaunty |
Ignored
(end of life)
|
|
| karmic |
Ignored
(end of life)
|
|
| lucid |
Ignored
(end of life)
|
|
| maverick |
Not vulnerable
(3.6.2.0-1)
|
|
| natty |
Not vulnerable
(3.6.2.0-1)
|
|
| oneiric |
Not vulnerable
(3.6.2.0-1)
|
|
| precise |
Does not exist
(dropped by debian)
|
|
| quantal |
Does not exist
(dropped by debian)
|
|
| raring |
Does not exist
(dropped by debian)
|
|
| saucy |
Does not exist
(dropped by debian)
|
|
| upstream |
Released
(3.7.3, 3.6.2, 3.4.8, 3.2.8)
|