Bug 933195 (CVE-2015-3935) - CVE-2015-3935: dolibarr HTML injection
Summary: CVE-2015-3935: dolibarr HTML injection
Status: RESOLVED FIXED
Alias: CVE-2015-3935
Product: openSUSE.org
Classification: openSUSE
Component: 3rd party software (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: Forgotten User VqPc1q7cv6
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-02 08:46 UTC by Andreas Stieger
Modified: 2015-11-10 00:51 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Swamp Workflow Management 2015-06-02 22:00:14 UTC 
bugbot adjusting priority
Comment 2 Forgotten User VqPc1q7cv6 2015-11-08 18:56:57 UTC 
Bug was related to 3.5 and 3.7 branch.
It is already fixed into 3.8 branch.
Comment 3 Andreas Stieger 2015-11-09 08:46:25 UTC 
(In reply to Laurent Destailleur from comment #2)
> Bug was related to 3.5 and 3.7 branch.
> It is already fixed into 3.8 branch.

Thanks for checking. I see that _service:download_src_package:dolibarr-3.6.1.tgz  is still present in the package, you may want to remove it if it is no longer required.
Comment 4 Forgotten User VqPc1q7cv6 2015-11-10 00:51:45 UTC 
_service:download_src_package:dolibarr-3.6.1.tgz was removed.