It was reported that the Old Charts system in Bugzilla generated graphs with predictable names into the "graphs/" directory, which could also be browsed to view its contents. This would allow unauthorized users to see product names and charted information about those products over time. This issue has been assigned the name CVE-2010-3764 and is corrected in upstream stable releases 3.2.9, 3.4.9, and 3.6.3. References: http://www.bugzilla.org/security/3.2.8/ https://bugzilla.mozilla.org/show_bug.cgi?id=419014
Created bugzilla tracking bugs for this issue Affects: fedora-all [bug 649406]