-
Committer:
Bazaar Package Importer
-
Author(s):
Alexis Sukrieh
-
Date:
2005-10-03 16:51:01 UTC
-
mfrom:
(1.1.2 upstream)
-
Revision ID:
james.westby@ubuntu.com-20051003165101-38n0y5qofd68vole
Tags: 2.18.4-1
* New upstream minor release
+ Fixed a security issue: It was possible to bypass the "user
visibility groups" restrictions if user-matching was turned on
in "substring" mode.
+ Fixed a security issue: config.cgi exposed information to users who
weren't logged in, even when "requirelogin" was turned on in Bugzilla.
(closes: #331206)