FreeBSD VuXML advisory DC8741B9-C5D5-11E0-8A8E-00151735203A

bugzilla -- multiple vulnerabilities

Published: 2011-08-04 00:00:00
Source: vuxml.freebsd.org

CVSS2: 5.0 Medium (AV:N/AC:L/Au:N/C:P/I:N/A:N)
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: NONE

EPSS: 0.032 Low (percentile 91.1%)

A Bugzilla Security Advisory reports:

The following security issues have been discovered in Bugzilla:

- Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in "Raw Unified" mode, which could trigger a cross-site scripting attack due to the execution of malicious code in the attachment.

- It is possible to determine whether or not certain group names exist while creating or updating bugs.

- Attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications sent to the requestee or the requester when editing an attachment flag.

- If an attacker has access to a user's session, he can modify that user's email address without that user being notified of the change.

- Temporary files for uploaded attachments are not deleted on Windows, which could let a user with local access to the server read them.

- Up to Bugzilla 3.4.11, if a BUGLIST cookie is compromised, it can be used to inject HTML code when viewing a bug report, leading to a cross-site scripting attack.

All affected installations are encouraged to upgrade as soon as possible.
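As an added example (not code from the advisory, and not Bugzilla's own code, which is written in Perl), the header-injection item above reproduced in Python: a naive notification builder that interpolates an attachment description straight into a mail header, a small header parser that shows the forged `Bcc:` line it yields, and a hardened builder that rejects CR/LF in every user-controlled header value. The function names, the sample description and the addresses are constructed for the illustration; the page does not say how Bugzilla itself fixed the issue, so the rejection check is a generic CRLF-injection defence, not the upstream patch.

```python
"""CRLF header injection through an attachment description, and one fix."""
import re

CRLF = "\r\n"

# Constructed sample inputs (not from Bugzilla): a description carrying an
# embedded CRLF that smuggles a forged Bcc: header, and a harmless one.
MALICIOUS_DESCRIPTION = "Patch v2\r\nBcc: attacker@example.invalid"
BENIGN_DESCRIPTION = "Patch v2 (fixes off-by-one)"


class HeaderInjection(ValueError):
    """Raised when a header value would terminate its header line early."""


def build_flag_mail_vulnerable(requestee: str, flag: str, description: str) -> str:
    """Naive builder: the description lands in the Subject line unchecked.

    Any CR/LF inside `description` ends the Subject and everything after it is
    read by the MTA as additional headers, which is the bug class the advisory
    describes for attachment-flag notifications.
    """
    headers = [
        f"To: {requestee}",
        f"Subject: Flag {flag} requested on attachment: {description}",
    ]
    return CRLF.join(headers) + CRLF + CRLF + "Please review the attachment."


def header_field(value: str) -> str:
    """Return `value` unchanged unless it contains CR or LF, then raise.

    Rejecting (rather than silently stripping) keeps the attempt visible in
    logs and does not hand the user a silently mangled description.
    """
    if re.search(r"[\r\n]", value):
        raise HeaderInjection(f"CR/LF not allowed in header value: {value!r}")
    return value


def build_flag_mail_fixed(requestee: str, flag: str, description: str) -> str:
    """Same layout, but every user-controlled value passes header_field()."""
    headers = [
        f"To: {header_field(requestee)}",
        f"Subject: Flag {header_field(flag)} requested on attachment: "
        f"{header_field(description)}",
    ]
    return CRLF.join(headers) + CRLF + CRLF + "Please review the attachment."


def parse_headers(raw_message: str) -> dict:
    """Split the message like a simple MTA: header block ends at the first
    blank line, one `Name: value` per line. Names are lower-cased."""
    head = raw_message.split(CRLF + CRLF, 1)[0]
    parsed = {}
    for line in head.split(CRLF):
        name, _, value = line.partition(":")
        parsed[name.strip().lower()] = value.strip()
    return parsed


def injected_bcc(raw_message: str) -> bool:
    """True if the message carries a Bcc header the builder never set."""
    return "bcc" in parse_headers(raw_message)


if __name__ == "__main__":
    vuln = build_flag_mail_vulnerable("reviewer@example.invalid", "review?",
                                      MALICIOUS_DESCRIPTION)
    print("vulnerable builder leaked Bcc:", injected_bcc(vuln))
    try:
        build_flag_mail_fixed("reviewer@example.invalid", "review?",
                              MALICIOUS_DESCRIPTION)
    except HeaderInjection as exc:
        print("fixed builder rejected input:", exc)
    safe = build_flag_mail_fixed("reviewer@example.invalid", "review?",
                                 BENIGN_DESCRIPTION)
    print("benign description accepted, Bcc present:", injected_bcc(safe))
```

The same check belongs on every field that ends up in a header, not only the description: the requestee address and the flag name are user input too. A real mailer would additionally encode non-ASCII header values, but that does not remove the need to refuse raw line breaks first.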

Affected packages:

OS       Version  Architecture  Package   Version   Filename
FreeBSD  any      noarch        bugzilla  = 2.4.*   UNKNOWN
FreeBSD  any      noarch        bugzilla  < 3.6.6   UNKNOWN

