Keywords page count of bugs includes security bugs that should be hidden

RESOLVED DUPLICATE of bug 253594

Status

()

RESOLVED DUPLICATE of bug 253594
12 years ago
12 years ago

People

(Reporter: bugzilla, Unassigned)

Tracking

Details

(URL)

(Reporter)

Description

12 years ago
https://bugzilla.mozilla.org/describekeywords.cgi gives a count of how many bugs with each keyword there are. For verified1.8.0.9, for example, it says 80. However, when I click on it to see the bug list, I only see 72 bugs. I can only assume that means there are 8 hidden (probably security) bugs with that keyword. The same happens with a bunch of other keywords, most notably the verified1.8.0.* ones.

It's probably a bad idea to let people know there are N non-public security bugs with a given keyword.
Switching to webtools security group, which should really have been picked by the security-group-picking code. Perhaps we have a bug in that too?

Anyway, I can confirm that I see 80 bugs, of which 8 are secure.

We have the following options:

1) Recalculate the totals on each page access (very expensive - many searches)
2) Give totals of public bugs only (bad on installations where every bug is in a 
   group, because it would be 0 or some small misleading number)
3) Remove the totals entirely (loss of useful information, perhaps)
4) Decide that this isn't too bad of a leak

Note that it only gives a number for total bugs rather than open bugs. This means that if, for example, you had a "security" keyword on all security bugs (which we don't), it couldn't tell you the number of open security bugs merely the number of total security bugs (including fixed ones).

I don't see any keywords on b.m.o. which are specifically security-related, so we probably don't have a problem in our installation.

Gerv
Group: security → webtools-security

Comment 2

12 years ago
Removing the security flag as bug 253594 is public and visible for years.
Group: webtools-security
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 253594
You need to log in before you can comment on or make changes to this bug.