Gentoo Security Advisory GLSA 201211-01 (MantisBT)

  1. Network Vulnerabilities
  2. Gentoo Local Security Checks
  3. Gentoo Security Advisory GLSA 201211-01 (MantisBT)
Summary
The remote host is missing updates announced in advisory GLSA 201211-01.
Solution
All MantisBT users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/mantisbt-1.2.11' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201211-01 http://bugs.gentoo.org/show_bug.cgi?id=348761 http://bugs.gentoo.org/show_bug.cgi?id=381417 http://bugs.gentoo.org/show_bug.cgi?id=386153 http://bugs.gentoo.org/show_bug.cgi?id=407121 http://bugs.gentoo.org/show_bug.cgi?id=420375
Insight
Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion.
Severity
High Severity
Classification
Related Vulnerabilities