diff options
| author | mkanat%kerio.com <> | 2005-05-12 11:07:09 +0200 |
|---|---|---|
| committer | mkanat%kerio.com <> | 2005-05-12 11:07:09 +0200 |
| commit | e2252835e8e96371d6536af5dbd72a79e6ed05b5 (patch) | |
| tree | c76c89f4a2fc3e7c0e9172efd988d8d49c0c4e5f /enter_bug.cgi | |
| parent | 8f2bc1b07ce4150a878e80f5bce09e819cbfd414 (diff) | |
| download | bugzilla-e2252835e8e96371d6536af5dbd72a79e6ed05b5.tar.gz bugzilla-e2252835e8e96371d6536af5dbd72a79e6ed05b5.tar.xz | |
Bug 287109: [SECURITY] Names of private products/components can be exposed on certain CGIs
Patch By Frederic Buclin <LpSolit@gmail.com> r=myk, r=joel, a=justdave
Diffstat (limited to 'enter_bug.cgi')
| -rwxr-xr-x | enter_bug.cgi | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/enter_bug.cgi b/enter_bug.cgi index 924977a3e..f3437b7ed 100755 --- a/enter_bug.cgi +++ b/enter_bug.cgi @@ -292,10 +292,7 @@ if ($cloned_bug_id) { # We need to check and make sure # that the user has permission to enter a bug against this product. -if(!CanEnterProduct($product)) -{ - ThrowUserError("entry_access_denied", { product => $product}); -} +CanEnterProductOrWarn($product); GetVersionTable(); |