When using CVS to upgrade Bugzilla to 3.6.10 or 4.0.7 using the BUGZILLA-3_6-STABLE or BUGZILLA-4_0-STABLE tag, the list/list.js.tmpl template is restored despite having been removed from the repo to fix CVE-2012-0466, see bug 745397:

    # cvs -q up -rBUGZILLA-4_0_7 -dP
    cvs update: template/en/default/list/list.js.tmpl is no longer in the repository

    # cvs -q up -rBUGZILLA-4_0-STABLE -dP
    U template/en/default/list/list.js.tmpl

This is pretty critical, because this means that all installations using the -STABLE cvs tag to upgrade (e.g. GCC Bugzilla) are still vulnerable to this issue.
I just realized that the Bugzilla_Stable tag still points to rev 1.3 of list.js.tmpl, which is incorrect. It should be removed from there too.
Verified fixed now for BUGZILLA-4_0_7, BUGZILLA-4_0-STABLE and Bugzilla_Stable. Closing.
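
For administrators who upgraded through one of the affected tags, the following added example (not part of the original comments and not Bugzilla project code) checks a CVS working copy for the restored template, both on disk and in CVS/Entries. The function names, return codes and the constructed sample entry (including its timestamp) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: after a CVS upgrade, report whether list/list.js.tmpl is
# still on disk or still tracked in CVS/Entries of a Bugzilla working copy.
# Usage (after sourcing): check_list_js_tmpl /path/to/bugzilla
# Return codes: 0 = absent, 1 = present or tracked, 2 = not a CVS working copy.
check_list_js_tmpl() {
    root=$1
    dir="$root/template/en/default/list"
    status=0
    if [ ! -d "$root/CVS" ]; then
        echo "not a CVS working copy: $root"
        return 2
    fi
    if [ -e "$dir/list.js.tmpl" ]; then
        echo "PRESENT on disk: $dir/list.js.tmpl"
        status=1
    fi
    # CVS/Entries lines have the form: /name/revision/timestamp/options/Ttag
    line=$(grep '^/list\.js\.tmpl/' "$dir/CVS/Entries" 2>/dev/null || true)
    if [ -n "$line" ]; then
        rev=$(printf '%s\n' "$line" | cut -d/ -f3)
        tag=$(printf '%s\n' "$line" | cut -d/ -f6)
        echo "TRACKED in CVS/Entries: revision $rev, sticky tag ${tag#T}"
        status=1
    fi
    if [ "$status" -eq 0 ]; then
        echo "OK: list.js.tmpl is absent from $root"
    fi
    return "$status"
}

# Constructed sample: builds a fake working copy in the state the comments
# describe (template restored at rev 1.3 under the Bugzilla_Stable tag).
# The timestamp is made up.
make_sample() {
    d="$1/template/en/default/list"
    mkdir -p "$1/CVS" "$d/CVS"
    printf '/list.js.tmpl/1.3/Mon Jan  1 00:00:00 2012//TBugzilla_Stable\n' \
        > "$d/CVS/Entries"
    : > "$d/list.js.tmpl"
}
```

A return code of 1 means the working copy should be updated again against a corrected tag and re-checked.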