« back to all changes in this revision
Viewing changes to contrib/cmdline/bugslink
- Committer: Bazaar Package Importer
- Date: 2005-10-03 16:51:01 UTC
- mfrom: (1.1.2 upstream)
- Revision ID: james.westby@ubuntu.com-20051003165101-38n0y5qofd68vole
* New upstream minor release
+ Fixed a security issue: It was possible to bypass the "user
visibility groups" restrictions if user-matching was turned on
in "substring" mode.
+ Fixed a security issue: config.cgi exposed information to users who
weren't logged in, even when "requirelogin" was turned on in Bugzilla.
(closes: #331206)
+ Fixed a security issue: It was possible to bypass the "user
visibility groups" restrictions if user-matching was turned on
in "substring" mode.
+ Fixed a security issue: config.cgi exposed information to users who
weren't logged in, even when "requirelogin" was turned on in Bugzilla.
(closes: #331206)
- files added:
- Bugzilla
- Bugzilla/Auth
- Bugzilla/Template
- Bugzilla/Template/Plugin
- contrib/bugzilla-submit
- contrib/gnatsparse
- debian/default-files
- debian/examples
- debian/helper
- debian/patches
- docs/images/callouts
- js
- skins
- skins/standard
- template/en/default/account/auth
- template/en/default/admin/flag-type
- template/en/default/admin/groups
- template/en/default/admin/keywords
- template/en/default/admin/products
- template/en/default/admin/products/groupcontrol
- template/en/default/flag
- template/en/default/pages
- template/en/default/request
- files removed:
- Attachment.pm
- template/en/default/admin/attachstatus
- files modified:
- CGI.pl
added
removed
contrib/cmdline/bugslink
