diff options
author | justdave%syndicomm.com <> | 2001-04-28 04:32:27 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2001-04-28 04:32:27 +0200 |
commit | c2542b405b6c5581281eab9a349a99b7ff337966 (patch) | |
tree | a04f5248512eb151884223d4b071e14c1dafd41e | |
parent | 717c718b16704fd0b0a451f4dcfbce9cd120d773 (diff) | |
download | bugzilla-c2542b405b6c5581281eab9a349a99b7ff337966.tar.gz bugzilla-c2542b405b6c5581281eab9a349a99b7ff337966.tar.xz |
addition to 2.12 release notes
-rw-r--r-- | docs/rel_notes.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/rel_notes.txt b/docs/rel_notes.txt index 4def4caf3..81807ef4f 100644 --- a/docs/rel_notes.txt +++ b/docs/rel_notes.txt @@ -60,6 +60,10 @@ bugzilla.mozilla.org. middle. (bug 29820) +- Some security holes have been fixed where shell escape characters + could be passed to Bugzilla, allowing remote users to execute + system commands on the web server. + *** Other changes of note *** - Bug titles now appear in the page title, and will hence |