diff options
| author | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:47:02 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:47:02 +0200 |
| commit | 935031c50d693cb8d8a1c4c8e1567df6310766da (patch) | |
| tree | 10f5e280d667eef8f762930fa9c0c95a2a634e85 /Bugzilla/Config/Advanced.pm | |
| parent | 280f6a0f92b153f647ab15647017d2e9e90301d2 (diff) | |
| download | bugzilla-935031c50d693cb8d8a1c4c8e1567df6310766da.tar.gz bugzilla-935031c50d693cb8d8a1c4c8e1567df6310766da.tar.xz | |
Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be bypassed by altering the X-FORWARDED-FOR header
r=glob a=LpSolit
Diffstat (limited to 'Bugzilla/Config/Advanced.pm')
| -rw-r--r-- | Bugzilla/Config/Advanced.pm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm index faab6bbbd..941cefc4f 100644 --- a/Bugzilla/Config/Advanced.pm +++ b/Bugzilla/Config/Advanced.pm @@ -46,7 +46,8 @@ use constant get_param_list => ( { name => 'inbound_proxies', type => 't', - default => '' + default => '', + checker => \&check_ip }, { |