From 8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Wed, 18 Apr 2012 18:44:32 +0200
Subject: Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be
 bypassed by altering the X-FORWARDED-FOR header r=glob a=LpSolit

---
 Bugzilla/Config/Advanced.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'Bugzilla/Config/Advanced.pm')

diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm
index 7bf4a72f5..fa5b7d249 100644
--- a/Bugzilla/Config/Advanced.pm
+++ b/Bugzilla/Config/Advanced.pm
@@ -22,7 +22,8 @@ use constant get_param_list => (
   {
    name => 'inbound_proxies',
    type => 't',
-   default => ''
+   default => '',
+   checker => \&check_ip
   },
 
   {
-- 
cgit v1.2.3-24-g4f1b