572940 - A field must be specified when looking for changes in some given time frame

Status: RESOLVED WORKSFORME

(Bugzilla :: Query/Bug List, defect)

Description

[Nelson Bolyard (seldom reads bugmail)]

There were numerous NSS bugs worked on in calendar 2005, 2006 and 2007 
for which CVS- vulnerability numbers were assigned.  Those bugs have 
comments that bear the string of the CVE number.  
One example is bug 330114 which bears a comment with this line:

  Related to CVE-2006-4340 : unchecked garbage in PKCS v1.5 blocks

Yet a search for all NSS bugs modified between 1-Jan-2005 and 1-Jan-2008
bearing the string CVE-20 consistently finds NO bugs at all!  Consequently
I spent over an hour searching for a bug that should have been found in just
minutes.  

Here's a sample search that produces empty results, but shouldn't.

https://bugzilla.mozilla.org/buglist.cgi?chfieldto=2008-01-01&query_format=advanced&order=Bug%20Number&chfieldfrom=2005-01-01&longdesc=CVE-20&longdesc_type=substring&product=NSS

Comment 1

[Reed Loden [:reed]]

This isn't a BMO issue.

You can't really use chfieldfrom and chfieldto without a chfield... Notice that this works just fine:

https://bugzilla.mozilla.org/buglist.cgi?chfieldto=2008-01-01&query_format=advanced&chfield=[Bug%20creation]&chfieldfrom=2005-01-01&longdesc=CVE-20&product=NSS&longdesc_type=substring

Comment 2

[Nelson Bolyard (seldom reads bugmail)]

I see, but I'm looking for bugs that experienced ANY change at all during 
those years.

Comment 3

[Frédéric Buclin]

WFM in Bugzilla 4.0. No idea which bug fixed the problem.