8
cd "$1" && patch -p1 < "$0"
12
Description: CVE-2011-2979/2380 Group Information Leak
13
Origin: http://bzr.mozilla.org/bugzilla/3.6/revision/7251
14
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=753447
16
--- a/Bugzilla/Bug.pm 2010-10-28 15:27:58 +0000
17
+++ b/Bugzilla/Bug.pm 2011-08-04 20:13:15 +0000
19
|| ThrowUserError("invalid_group_ID");
21
# This can only happen if somebody hacked the enter_bug form.
22
- ThrowCodeError("inactive_group", { name => $group->name })
23
+ ThrowCodeError("inactive_group", { group_id => $id })
24
unless $group->is_active;
26
my $membercontrol = $controls->{$id}
28
--- a/template/en/default/global/code-error.html.tmpl 2010-12-30 16:50:29 +0000
29
+++ b/template/en/default/global/code-error.html.tmpl 2011-08-04 20:13:15 +0000
31
A legal [% field FILTER html %] was not set.
33
[% ELSIF error == "inactive_group" %]
34
- Attempted to add [% terms.bug %] to the '[% name FILTER html %]'
35
- group, which is not used for [% terms.bugs %].
36
+ Attempted to add [% terms.abug %] to group ID [% group_id FILTER html %],
37
+ which is not used for [% terms.bugs %].
39
[% ELSIF error == "invalid_attach_id_to_obsolete" %]
40
The attachment number of one of the attachments you wanted to obsolete,