Closed
Bug 314198
Opened 20 years ago
Closed 20 years ago
Query.cgi leaks product names (again)
Categories
(Bugzilla :: Query/Bug List, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.22
People
(Reporter: bugreport, Assigned: bugreport)
Details
(Keywords: regression)
Attachments
(1 file)
|
1.16 KB,
patch
|
LpSolit
:
review+
|
Details | Diff | Splinter Review |
This is a close cousin of bug 312933
2.20 should not be effected
The "find a specific bug" form has the same leak.
|
Assignee | |
Comment 1•20 years ago
|
||
|
|
||
Comment 2•20 years ago
|
||
I would say that this is a security issue in a released version (2.21.1), yes?
Group: webtools-security
|
|
Assignee | |
Comment 3•20 years ago
|
||
This was introduced by bug 306601 that landed since 2.21.1
|
|
Assignee | |
Comment 4•20 years ago
|
||
justdave yeah, bug that created it landed after 2.20.1 went out.
justdave er, 2.21.1
justdave so there's never been a release containing it
justdave just fix it
We'll land the fix as soon as it is ready and drop the security flag then.
|
|
||
Comment 5•20 years ago
|
||
Comment on attachment 201135 [details] [diff] [review]
Patch - check can_see_product
r=LpSolit
Attachment #201135 -
Flags: review? → review+
|
|
||
Updated•20 years ago
|
Flags: approval?
|
||
Updated•20 years ago
|
Flags: approval? → approval+
|
|
Assignee | |
Comment 6•20 years ago
|
||
Checking in template/en/default/search/search-specific.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/search/search-specific.ht
ml.tmpl,v <-- search-specific.html.tmpl
new revision: 1.15; previous revision: 1.14
done
Group: webtools-security
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•