diff options
| author | Simon Green <sgreen@redhat.com> | 2013-02-19 18:14:59 +0100 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2013-02-19 18:14:59 +0100 |
| commit | 0bd4c361b4a5fe0e0773e77571a84234b8f91f76 (patch) | |
| tree | 4cd125aa182bc215c61dca04f06054a0786e7fa5 /Bugzilla | |
| parent | 7e4fb28341abfe2a5c31645e20c5804229e8eaea (diff) | |
| download | bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.gz bugzilla-0bd4c361b4a5fe0e0773e77571a84234b8f91f76.tar.xz | |
Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and components you cannot access
r/a=LpSolit
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/Config/GroupSecurity.pm | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Bugzilla/Config/GroupSecurity.pm b/Bugzilla/Config/GroupSecurity.pm index f7f717379..6296583d9 100644 --- a/Bugzilla/Config/GroupSecurity.pm +++ b/Bugzilla/Config/GroupSecurity.pm @@ -81,6 +81,14 @@ sub get_param_list { }, { + name => 'debug_group', + type => 's', + choices => \&_get_all_group_names, + default => 'admin', + checker => \&check_group + }, + + { name => 'usevisibilitygroups', type => 'b', default => 0 |