diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:44:32 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:44:32 +0200 |
commit | 8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2 (patch) | |
tree | e8dc402cbcbb88315400aab3d5bc1287b111539e /Bugzilla/Config/Advanced.pm | |
parent | b2d4b6c8ca356ae75f8e2e69dcb8f7c6e713b94b (diff) | |
download | bugzilla-8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2.tar.gz bugzilla-8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2.tar.xz |
Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be bypassed by altering the X-FORWARDED-FOR header
r=glob a=LpSolit
Diffstat (limited to 'Bugzilla/Config/Advanced.pm')
-rw-r--r-- | Bugzilla/Config/Advanced.pm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm index 7bf4a72f5..fa5b7d249 100644 --- a/Bugzilla/Config/Advanced.pm +++ b/Bugzilla/Config/Advanced.pm @@ -22,7 +22,8 @@ use constant get_param_list => ( { name => 'inbound_proxies', type => 't', - default => '' + default => '', + checker => \&check_ip }, { |