Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bugzilla Bug Exposes Zero-Day Bugs

Posted by samzenpus on from the bug-hive dept.

tsu doh nimh writes A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software. Bugzilla is expected today to issue a fix for this very serious weakness, which potentially exposes a veritable gold mine of vulnerabilities that would be highly prized by cyber criminals and nation-state actors.

4 of 34 comments (clear)

  1. Bug redux? by Anonymous Coward · · Score: 4, Funny

    So I heard you like learning about bugs.

  2. Yo Dawg! by CajunArson · · Score: 4, Funny

    We heard you like bugs. So we introduced a bug in your bug-reporting system so you can exploit one bug to exploit other bugs.

    --
    AntiFA: An abbreviation for Anti First Amendment.
  3. Re:Nice going by kbg · · Score: 4, Funny

    Unfortunately they reported the zero day bug about Bugzilla into Bugzilla :)

  4. Bug in a bug by kbg · · Score: 4, Funny

    Reminds of the day I called the software developer to report about a bug in the bug reporting software that made it unable to save a bug report. His response was (seriously): "Just create a bug report about the problem".