Candidate: CVE-2010-2757
PublicDate: 2010-08-16 15:14:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757
Description:
 The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7,
 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send
 impersonation notifications, which makes it easier for remote authenticated
 users to impersonate other users without discovery.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS: 

Patches_bugzilla:
upstream_bugzilla: released (3.7.3, 3.6.2, 3.4.8, 3.2.8)
dapper_bugzilla: ignored (reached end-of-life)
hardy_bugzilla: ignored (reached end-of-life)
jaunty_bugzilla: ignored (reached end-of-life)
karmic_bugzilla: ignored (reached end-of-life)
lucid_bugzilla: ignored (reached end-of-life)
maverick_bugzilla: not-affected (3.6.2.0-1)
natty_bugzilla: not-affected (3.6.2.0-1)
oneiric_bugzilla: not-affected (3.6.2.0-1)
precise_bugzilla: DNE (dropped by debian)
quantal_bugzilla: DNE (dropped by debian)
raring_bugzilla: DNE (dropped by debian)
saucy_bugzilla: DNE (dropped by debian)
devel_bugzilla: DNE (dropped by debian)