diff options
| author | wurblzap%gmail.com <> | 2006-10-21 03:52:24 +0200 |
|---|---|---|
| committer | wurblzap%gmail.com <> | 2006-10-21 03:52:24 +0200 |
| commit | ea2d2a47281ac947297587c2619df190bf3c23c4 (patch) | |
| tree | 61367f4bdb2fa5d419a0aedd29e675b5801c3d83 /userprefs.cgi | |
| parent | c2f38f17cfa3aad8a13ee6eb02944b52d9e79037 (diff) | |
| download | bugzilla-ea2d2a47281ac947297587c2619df190bf3c23c4.tar.gz bugzilla-ea2d2a47281ac947297587c2619df190bf3c23c4.tar.xz | |
Bug 340538: Insecure dependency in exec while running with -T switch at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16.
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, a=myk
Diffstat (limited to 'userprefs.cgi')
| -rwxr-xr-x | userprefs.cgi | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/userprefs.cgi b/userprefs.cgi index d06e486ef..e8a045c4e 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -100,7 +100,6 @@ sub SaveAccount { if ($cgi->param('Bugzilla_password') ne $pwd1) { my $cryptedpassword = bz_crypt($pwd1); - trick_taint($cryptedpassword); # Only used in a placeholder $dbh->do(q{UPDATE profiles SET cryptpassword = ? WHERE userid = ?}, @@ -129,7 +128,6 @@ sub SaveAccount { # Before changing an email address, confirm one does not exist. validate_email_syntax($new_login_name) || ThrowUserError('illegal_email_address', {addr => $new_login_name}); - trick_taint($new_login_name); is_available_username($new_login_name) || ThrowUserError("account_exists", {email => $new_login_name}); |