Closed Bug 1234237 Opened 9 years ago Closed 9 years ago

Backport upstream bug 1232785 to bmo/4.2 [SECURITY] Buglists in CSV format can be parsed as valid javascript in some browsers

Categories

(bugzilla.mozilla.org :: General, defect)

Product:
bugzilla.mozilla.org
Component:
General
Version:
Production
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dkl, Assigned: dkl)

References

Details

Attachments

(1 file)

1234237_1.patch
733 bytes, patch
dylan
: review+
Details | Diff | Splinter Review
SSIA
Attached patch 1234237_1.patchSplinter Review
Just a quick sanity check please.
Attachment #8700674 - Flags: review?(dylan)
Attachment #8700674 - Flags: review?(dylan) → review+
hot patched in bugzillaadm:/data/bugzilla/www/bugzilla.mozilla.org, deployed to web heads, and httpd restarted. note: any regular BMO push will overwrite that.
Depends on: CVE-2015-8509
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 8f50123..16176cb master -> master
Group: webtools-security
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: