← Back to branch summary

~ubuntu-branches/ubuntu/edgy/bugzilla/edgy

~ubuntu-branches/ubuntu/edgy/bugzilla/edgy

« back to all changes in this revision

Viewing changes to docs/html/disclaimer.html

Committer: Bazaar Package Importer
Author(s): Alexis Sukrieh
Date: 2005-10-03 16:51:01 UTC
mfrom: (1.1.2 upstream)
Revision ID: james.westby@ubuntu.com-20051003165101-38n0y5qofd68vole

Tags: 2.18.4-1

http://bugs.debian.org/331206

* New upstream minor release
  + Fixed a security issue: It was possible to bypass the "user
    visibility groups" restrictions if user-matching was turned on
    in "substring" mode.
  + Fixed a security issue: config.cgi exposed information to users who
    weren't logged in, even when "requirelogin" was turned on in Bugzilla.
  (closes: #331206)

files added:
Bugzilla

Bugzilla.pm

Bugzilla/Attachment.pm

Bugzilla/Auth

Bugzilla/Auth.pm

Bugzilla/Auth/CGI.pm

Bugzilla/Auth/Cookie.pm

Bugzilla/Auth/DB.pm

Bugzilla/Auth/LDAP.pm

Bugzilla/Bug.pm

Bugzilla/BugMail.pm

Bugzilla/CGI.pm

Bugzilla/Chart.pm

Bugzilla/Config.pm

Bugzilla/Constants.pm

Bugzilla/DB.pm

Bugzilla/Error.pm

Bugzilla/Flag.pm

Bugzilla/FlagType.pm

Bugzilla/RelationSet.pm

Bugzilla/Search.pm

Bugzilla/Series.pm

Bugzilla/Template

Bugzilla/Template.pm

Bugzilla/Template/Plugin

Bugzilla/Template/Plugin/Bugzilla.pm

Bugzilla/Template/Plugin/Hook.pm

Bugzilla/Token.pm

Bugzilla/User.pm

Bugzilla/Util.pm

QUICKSTART

chart.cgi

config.cgi

contrib/bugzilla-submit

contrib/bugzilla-submit/README

contrib/bugzilla-submit/bugdata.txt

contrib/bugzilla-submit/bugzilla-submit

contrib/bugzilla-submit/bugzilla-submit.xml

contrib/bugzilla_ldapsync.rb

contrib/cmdline/bugcount

contrib/cmdline/bugids

contrib/cmdline/bugslink

contrib/cmdline/makequery

contrib/cvs-update.pl

contrib/gnatsparse

contrib/gnatsparse/README

contrib/gnatsparse/gnatsparse.py

contrib/gnatsparse/magic.py

contrib/gnatsparse/specialuu.py

contrib/sendbugmail.pl

contrib/sendunsentbugmail.pl

contrib/syncLDAP.pl

css/duplicates.css

css/global.css

css/show_multiple.css

debian/bugzilla.preinst

debian/compat

debian/copyright

debian/default-files

debian/default-files/index.html

debian/default-files/localconfig

debian/default-files/params

debian/dirs

debian/docs

debian/examples

debian/examples/vh-basic.conf

debian/examples/vh-custom-static.conf

debian/helper

debian/helper/postinst-db.pl

debian/patches

debian/patches/00list

debian/patches/01_datadir.dpatch

debian/patches/01_libpath.dpatch

debian/patches/02_checksetup.dpatch

debian/patches/03_params_path.dpatch

debian/patches/04_cookiepath.dpatch

debian/patches/05_webpath.dpatch

debian/patches/06_contrib.dpatch

debian/patches/07_virtualhosting.dpatch

debian/patches/08_homelink.dpatch

debian/patches/09_showdependencygraph.cgi.dpatch

debian/patches/101_Config.diff

debian/patches/10_bugzilla.dtd.dpatch

debian/po/ca.po

debian/po/cs.po

debian/po/vi.po

docs/html/bug_page.html

docs/html/bugreports.html

docs/html/cmdline-bugmail.html

docs/html/components.html

docs/html/configuration.html

docs/html/cust-change-permissions.html

docs/html/cust-hooks.html

docs/html/customization.html

docs/html/dbmodify.html

docs/html/flags-overview.html

docs/html/flags.html

docs/html/general-advice.html

docs/html/install-perlmodules-manual.html

docs/html/installing-bugzilla.html

docs/html/lifecycle.html

docs/html/list.html

docs/html/milestones.html

docs/html/modules-manual-download.html

docs/html/modules-manual-instructions.html

docs/html/modules-manual-optional.html

docs/html/myaccount.html

docs/html/os-specific.html

docs/html/paranoid-security.html

docs/html/patchviewer.html

docs/html/products.html

docs/html/query.html

docs/html/quips.html

docs/html/reporting.html

docs/html/security-bugzilla.html

docs/html/security-mysql.html

docs/html/security-os.html

docs/html/security-webserver.html

docs/html/trbl-index.html

docs/html/trbl-passwd-encryption.html

docs/html/trbl-relogin-everyone.html

docs/html/trouble-filetemp.html

docs/html/using-intro.html

docs/html/versions.html

docs/html/x2941.html

docs/html/x2948.html

docs/html/x2958.html

docs/html/x2963.html

docs/html/x3017.html

docs/images/bzLifecycle.png

docs/images/bzLifecycle.xml

docs/images/callouts

docs/images/callouts/1.gif

docs/images/callouts/2.gif

docs/images/callouts/3.gif

docs/xml/customization.xml

docs/xml/modules.xml

docs/xml/requiredsoftware.xml

docs/xml/security.xml

docs/xml/troubleshooting.xml

duplicates.xul

editflagtypes.cgi

js

js/duplicates.js

padlock.png

page.cgi

productmenu.js

report.cgi

request.cgi

skins

skins/standard

skins/standard/duplicates.css

skins/standard/global.css

skins/standard/show_multiple.css

t/006spellcheck.t

t/007util.t

t/009bugwords.t

template/en/default/account/auth

template/en/default/account/auth/ldap-error.html.tmpl

template/en/default/account/auth/login.html.tmpl

template/en/default/account/prefs/saved-searches.html.tmpl

template/en/default/admin/flag-type

template/en/default/admin/flag-type/confirm-delete.html.tmpl

template/en/default/admin/flag-type/edit.html.tmpl

template/en/default/admin/flag-type/list.html.tmpl

template/en/default/admin/groups

template/en/default/admin/groups/create.html.tmpl

template/en/default/admin/keywords

template/en/default/admin/keywords/confirm-delete.html.tmpl

template/en/default/admin/keywords/create.html.tmpl

template/en/default/admin/keywords/created.html.tmpl

template/en/default/admin/keywords/edit.html.tmpl

template/en/default/admin/keywords/list.html.tmpl

template/en/default/admin/keywords/rebuild-cache.html.tmpl

template/en/default/admin/products

template/en/default/admin/products/groupcontrol

template/en/default/admin/products/groupcontrol/confirm-edit.html.tmpl

template/en/default/admin/products/groupcontrol/edit.html.tmpl

template/en/default/attachment/choose.html.tmpl

template/en/default/attachment/diff-file.html.tmpl

template/en/default/attachment/diff-footer.html.tmpl

template/en/default/attachment/diff-header.html.tmpl

template/en/default/bug/create/comment-guided.txt.tmpl

template/en/default/bug/create/create-guided.html.tmpl

template/en/default/bug/knob.html.tmpl

template/en/default/bug/process/bugmail.html.tmpl

template/en/default/bug/process/header.html.tmpl

template/en/default/bug/show.html.tmpl

template/en/default/bug/show.xml.tmpl

template/en/default/bug/time.html.tmpl

template/en/default/config.js.tmpl

template/en/default/config.rdf.tmpl

template/en/default/flag

template/en/default/flag/list.html.tmpl

template/en/default/global/confirm-user-match.html.tmpl

template/en/default/global/field-descs.none.tmpl

template/en/default/global/help-header.html.tmpl

template/en/default/global/help.html.tmpl

template/en/default/global/initialize.none.tmpl

template/en/default/global/messages.html.tmpl

template/en/default/global/site-navigation.html.tmpl

template/en/default/global/variables.none.tmpl

template/en/default/list/list.csv.tmpl

template/en/default/list/list.ics.tmpl

template/en/default/list/list.js.tmpl

template/en/default/list/list.rdf.tmpl

template/en/default/pages

template/en/default/pages/bug-writing.html.tmpl

template/en/default/pages/fields.html.tmpl

template/en/default/pages/linked.html.tmpl

template/en/default/pages/linkify.html.tmpl

template/en/default/pages/voting.html.tmpl

template/en/default/reports/chart.csv.tmpl

template/en/default/reports/chart.html.tmpl

template/en/default/reports/chart.png.tmpl

template/en/default/reports/create-chart.html.tmpl

template/en/default/reports/duplicates.rdf.tmpl

template/en/default/reports/edit-series.html.tmpl

template/en/default/reports/menu.html.tmpl

template/en/default/reports/report-bar.png.tmpl

template/en/default/reports/report-line.png.tmpl

template/en/default/reports/report-pie.png.tmpl

template/en/default/reports/report-table.csv.tmpl

template/en/default/reports/report-table.html.tmpl

template/en/default/reports/report.csv.tmpl

template/en/default/reports/report.html.tmpl

template/en/default/reports/series-common.html.tmpl

template/en/default/reports/series.html.tmpl

template/en/default/request

template/en/default/request/email.txt.tmpl

template/en/default/request/queue.html.tmpl

template/en/default/search/search-advanced.html.tmpl

template/en/default/search/search-create-series.html.tmpl

template/en/default/search/search-help.html.tmpl

template/en/default/search/search-report-graph.html.tmpl

template/en/default/search/search-report-select.html.tmpl

template/en/default/search/search-report-table.html.tmpl

template/en/default/search/search-specific.html.tmpl

template/en/default/search/tabs.html.tmpl

testagent.cgi

testserver.pl

files removed:
Attachment.pm

Bug.pm

RelationSet.pm

Token.pm

bug_form.pl

bug_status.html

bugwritinghelp.html

changepassword.cgi

confirmhelp.html

contrib/cvs-update.sh

debian/bugzilla.conffiles

docs/html/database.html

docs/html/dbschema.html

docs/html/how.html

docs/html/introduction.html

docs/html/osx.html

docs/html/programadmin.html

docs/html/rewrite.html

docs/html/stepbystep.html

docs/html/variant-fenris.html

docs/html/variant-issuezilla.html

docs/html/variant-perforce.html

docs/html/variant-redhat.html

docs/html/variant-scarab.html

docs/html/variant-sourceforge.html

docs/html/variants.html

docs/html/whatis.html

docs/html/why.html

docs/html/win32.html

docs/images/dbschema.jpg

docs/images/dbschema.ps

docs/xml/database.xml

docs/xml/gd-makefile.patch

docs/xml/variants.xml

editattachstatuses.cgi

help.html

helpemailquery.html

how_to_mail.html

index.html

localconfig

notargetmilestone.html

patch-154249.diff

patch-200707.diff

patch-250638-2.diff

patch.diff

processmail

queryhelp.cgi

syncshadowdb

template/en/default/admin/attachstatus

template/en/default/admin/attachstatus/create.html.tmpl

template/en/default/admin/attachstatus/delete.html.tmpl

template/en/default/admin/attachstatus/edit.html.tmpl

template/en/default/admin/attachstatus/list.html.tmpl

template/en/default/bug/choose-xml.html.tmpl

template/en/default/list/list-rdf.rdf.tmpl

template/en/default/search/search.html.tmpl

votehelp.html

files modified:
CGI.pl

Makefile

README

UPGRADING-pre-2.8

attachment.cgi

buglist.cgi

bugzilla.dtd

checksetup.pl

colchange.cgi

collectstats.pl

contrib/BugzillaEmail.pm

contrib/README

contrib/bug_email.pl

contrib/bugzilla_email_append.pl

contrib/cmdline/buglist

contrib/cmdline/bugs

contrib/cmdline/query.conf

contrib/mysqld-watcher.pl

createaccount.cgi

css/buglist.css

debian/README.Debian

debian/bugzilla.config

debian/bugzilla.cron.daily

debian/bugzilla.links

debian/bugzilla.postinst

debian/bugzilla.postrm

debian/bugzilla.templates

debian/changelog

debian/control

debian/po/de.po

debian/po/fr.po

debian/po/ja.po

debian/po/nl.po

debian/po/pt_BR.po

debian/po/templates.pot

debian/rules

defparams.pl

describecomponents.cgi

describekeywords.cgi

docs/html/Bugzilla-Guide.html

docs/html/about.html

docs/html/administration.html

docs/html/cmdline.html

docs/html/conventions.html

docs/html/copyright.html

docs/html/credits.html

docs/html/cust-templates.html

docs/html/dbdoc.html

docs/html/disclaimer.html

docs/html/extraconfig.html

docs/html/faq.html

docs/html/gfdl-0.html

docs/html/gfdl-1.html

docs/html/gfdl-10.html

docs/html/gfdl-2.html

docs/html/gfdl-3.html

docs/html/gfdl-4.html

docs/html/gfdl-5.html

docs/html/gfdl-6.html

docs/html/gfdl-7.html

docs/html/gfdl-8.html

docs/html/gfdl-9.html

docs/html/gfdl-howto.html

docs/html/gfdl.html

docs/html/glossary.html

docs/html/groups.html

docs/html/hintsandtips.html

docs/html/index.html

docs/html/installation.html

docs/html/integration.html

docs/html/newversions.html

docs/html/nonroot.html

docs/html/parameters.html

docs/html/patches.html

docs/html/security.html

docs/html/troubleshooting.html

docs/html/upgrading.html

docs/html/useradmin.html

docs/html/userpreferences.html

docs/html/using.html

docs/html/voting.html

docs/pdf/Bugzilla-Guide.pdf

docs/rel_notes.txt

docs/txt/Bugzilla-Guide.txt

docs/xml/Bugzilla-Guide.xml

docs/xml/about.xml

docs/xml/administration.xml

docs/xml/conventions.xml

docs/xml/faq.xml

docs/xml/gfdl.xml

docs/xml/glossary.xml

docs/xml/installation.xml

docs/xml/integration.xml

docs/xml/introduction.xml

docs/xml/patches.xml

docs/xml/using.xml

doeditparams.cgi

duplicates.cgi

editcomponents.cgi

editgroups.cgi

editkeywords.cgi

editmilestones.cgi

editparams.cgi

editproducts.cgi

editusers.cgi

editversions.cgi

enter_bug.cgi

globals.pl

importxml.pl

index.cgi

localconfig.js

long_list.cgi

move.pl

post_bug.cgi

process_bug.cgi

query.cgi

quicksearch.html

quicksearch.js

quicksearchhack.html

quips.cgi

relogin.cgi

reports.cgi

runtests.pl

runtests.sh

sanitycheck.cgi

show_activity.cgi

show_bug.cgi

showattachment.cgi

showdependencygraph.cgi

showdependencytree.cgi

sidebar.cgi

t/001compile.t

t/002goodperl.t

t/003safesys.t

t/004template.t

t/005no_tabs.t

t/008filter.t

t/Support/Files.pm

t/Support/Templates.pm

template/en/default/account/cancel-token.txt.tmpl

template/en/default/account/create.html.tmpl

template/en/default/account/created.html.tmpl

template/en/default/account/email/change-new.txt.tmpl

template/en/default/account/email/change-old.txt.tmpl

template/en/default/account/email/confirm.html.tmpl

template/en/default/account/exists.html.tmpl

template/en/default/account/password/forgotten-password.txt.tmpl

template/en/default/account/password/set-forgotten-password.html.tmpl

template/en/default/account/prefs/account.html.tmpl

template/en/default/account/prefs/email.html.tmpl

template/en/default/account/prefs/footer.html.tmpl

template/en/default/account/prefs/permissions.html.tmpl

template/en/default/account/prefs/prefs.html.tmpl

template/en/default/attachment/content-types.html.tmpl

template/en/default/attachment/create.html.tmpl

template/en/default/attachment/created.html.tmpl

template/en/default/attachment/edit.html.tmpl

template/en/default/attachment/list.html.tmpl

template/en/default/attachment/show-multiple.html.tmpl

template/en/default/attachment/updated.html.tmpl

template/en/default/bug/activity/show.html.tmpl

template/en/default/bug/activity/table.html.tmpl

template/en/default/bug/choose.html.tmpl

template/en/default/bug/comments.html.tmpl

template/en/default/bug/create/create.html.tmpl

template/en/default/bug/create/created.html.tmpl

template/en/default/bug/create/make-template.html.tmpl

template/en/default/bug/create/user-message.html.tmpl

template/en/default/bug/dependency-graph.html.tmpl

template/en/default/bug/dependency-tree.html.tmpl

template/en/default/bug/edit.html.tmpl

template/en/default/bug/navigate.html.tmpl

template/en/default/bug/process/confirm-duplicate.html.tmpl

template/en/default/bug/process/midair.html.tmpl

template/en/default/bug/process/next.html.tmpl

template/en/default/bug/process/results.html.tmpl

template/en/default/bug/process/verify-new-product.html.tmpl

template/en/default/bug/show-multiple.html.tmpl

template/en/default/bug/votes/delete-all.html.tmpl

template/en/default/bug/votes/list-for-bug.html.tmpl

template/en/default/bug/votes/list-for-user.html.tmpl

template/en/default/filterexceptions.pl

template/en/default/global/banner.html.tmpl

template/en/default/global/choose-product.html.tmpl

template/en/default/global/code-error.html.tmpl

template/en/default/global/footer.html.tmpl

template/en/default/global/header.html.tmpl

template/en/default/global/hidden-fields.html.tmpl

template/en/default/global/message.html.tmpl

template/en/default/global/select-menu.html.tmpl

template/en/default/global/useful-links.html.tmpl

template/en/default/global/user-error.html.tmpl

template/en/default/index.html.tmpl

template/en/default/list/change-columns.html.tmpl

template/en/default/list/edit-multiple.html.tmpl

template/en/default/list/list-simple.html.tmpl

template/en/default/list/list.html.tmpl

template/en/default/list/quips.html.tmpl

template/en/default/list/server-push.html.tmpl

template/en/default/list/table.html.tmpl

template/en/default/reports/components.html.tmpl

template/en/default/reports/duplicates-simple.html.tmpl

template/en/default/reports/duplicates-table.html.tmpl

template/en/default/reports/duplicates.html.tmpl

template/en/default/reports/keywords.html.tmpl

template/en/default/search/boolean-charts.html.tmpl

template/en/default/search/form.html.tmpl

template/en/default/search/knob.html.tmpl

template/en/default/sidebar.xul.tmpl

token.cgi

userprefs.cgi

votes.cgi

whineatnews.pl

xml.cgi

Show diffs side-by-side

added added

removed removed

docs/html/disclaimer.html

1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

2

2

<HTML

3

3

><HEAD

4

4

><TITLE

7

7

NAME="GENERATOR"

8

8

CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK

9

9

REL="HOME"

10

TITLE="The Bugzilla Guide - 2.16.7 Release"

10

TITLE="The Bugzilla Guide - 2.18.4 Release"

11

11

HREF="index.html"><LINK

12

12

REL="UP"

13

13

TITLE="About This Guide"

37

37

><TH

38

38

COLSPAN="3"

39

39

ALIGN="center"

40

>The Bugzilla Guide - 2.16.7 Release</TH

40

>The Bugzilla Guide - 2.18.4 Release</TH

41

41

></TR

42

42

><TR

43

43

><TD

78

78

></H1

79

79

><P

80

80

> No liability for the contents of this document can be accepted.

81

Use the concepts, examples, and other content at your own risk.

81

Follow the instructions herein at your own risk.

82

82

This document may contain errors

83

83

and inaccuracies that may damage your system, cause your partner

84

84

to leave you, your boss to fire you, your cats to

86

86

war. Proceed with caution.

87

87

</P

88

88

><P

89

> All copyrights are held by their respective owners, unless

90

specifically noted otherwise. Use of a term in this document

91

should not be regarded as affecting the validity of any

92

trademark or service mark.

93

</P

94

><P

95

89

> Naming of particular products or brands should not be seen as

96

endorsements, with the exception of the term "GNU/Linux". We

97

wholeheartedly endorse the use of GNU/Linux in every situation

98

where it is appropriate. It is an extremely versatile, stable,

90

endorsements, with the exception of the term "GNU/Linux". We

91

wholeheartedly endorse the use of GNU/Linux; it is an extremely

92

versatile, stable,

99

93

and robust operating system that offers an ideal operating

100

94

environment for Bugzilla.

101

95

</P

102

96

><P

103

> You are strongly recommended to make a backup of your system

104

before installing Bugzilla and at regular intervals thereafter.

105

If you implement any suggestion in this Guide, implement this one!

106

</P

107

><P

108

97

> Although the Bugzilla development team has taken great care to

109

ensure that all easily-exploitable bugs or options are

110

documented or fixed in the code, security holes surely exist.

111

Great care should be taken both in the installation and usage of

112

this software. Carefully consider the implications of installing

113

other network services with Bugzilla. The Bugzilla development

114

team members, Netscape Communications, America Online Inc., and

115

any affiliated developers or sponsors assume no liability for

116

your use of this product. You have the source code to this

117

product, and are responsible for auditing it yourself to ensure

98

ensure that all exploitable bugs have been fixed, security holes surely

99

exist in any piece of code. Great care should be taken both in

100

the installation and usage of this software. The Bugzilla development

101

team members assume no liability for your use of Bugzilla. You have

102

the source code, and are responsible for auditing it yourself to ensure

118

103

your security needs are met.

119

104

</P

120

105

></DIV

Older »