diff options
author | justdave%syndicomm.com <> | 2008-04-04 13:47:32 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2008-04-04 13:47:32 +0200 |
commit | d2dfb167dd3aff403350f35b27fbe62b07049ca6 (patch) | |
tree | 2652c2fa67d3f8e1f42e5645bc0127471061ce9c | |
parent | f8ae6c3c40afb3d1ee44e36a8a8a6e6784a70105 (diff) | |
download | bugzilla-d2dfb167dd3aff403350f35b27fbe62b07049ca6.tar.gz bugzilla-d2dfb167dd3aff403350f35b27fbe62b07049ca6.tar.xz |
addition to 2.12 release notes
-rw-r--r-- | docs/en/rel_notes.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/en/rel_notes.txt b/docs/en/rel_notes.txt index 4def4caf3..81807ef4f 100644 --- a/docs/en/rel_notes.txt +++ b/docs/en/rel_notes.txt @@ -60,6 +60,10 @@ bugzilla.mozilla.org. middle. (bug 29820) +- Some security holes have been fixed where shell escape characters + could be passed to Bugzilla, allowing remote users to execute + system commands on the web server. + *** Other changes of note *** - Bug titles now appear in the page title, and will hence |