Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and components you cannot access

r/a=LpSolit
author: Simon Green <sgreen@redhat.com> 2013-02-19 18:14:59 +0100
committer: Frédéric Buclin <LpSolit@gmail.com> 2013-02-19 18:14:59 +0100
commit: 0bd4c361b4a5fe0e0773e77571a84234b8f91f76 (patch)
tree: 4cd125aa182bc215c61dca04f06054a0786e7fa5 /Bugzilla/Config/GroupSecurity.pm
parent: 7e4fb28341abfe2a5c31645e20c5804229e8eaea (diff)
download: bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.gz
bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/Bugzilla/Config/GroupSecurity.pm b/Bugzilla/Config/GroupSecurity.pm
index f7f717379..6296583d9 100644
--- a/Bugzilla/Config/GroupSecurity.pm
+++ b/Bugzilla/Config/GroupSecurity.pm
@@ -81,6 +81,14 @@ sub get_param_list {
   },
   
   {
+   name => 'debug_group',
+   type => 's',
+   choices => \&_get_all_group_names,
+   default => 'admin',
+   checker => \&check_group
+  },
+  
+  {
    name => 'usevisibilitygroups',
    type => 'b',
    default => 0
author	Simon Green <sgreen@redhat.com>	2013-02-19 18:14:59 +0100
committer	Frédéric Buclin <LpSolit@gmail.com>	2013-02-19 18:14:59 +0100
commit	0bd4c361b4a5fe0e0773e77571a84234b8f91f76 (patch)
tree	4cd125aa182bc215c61dca04f06054a0786e7fa5 /Bugzilla/Config/GroupSecurity.pm
parent	7e4fb28341abfe2a5c31645e20c5804229e8eaea (diff)
download	bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.gz bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.xz