From 2d792a108434d9ea59ebf75ae09fb69cbab6fb71 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Wed, 28 Dec 2011 23:11:44 +0100
Subject: Bug 711714: (CVE-2011-3667) [SECURITY] The
 User.offer_account_by_email WebService method lets you create new user
 accounts independently of the value of
 Bugzilla::Auth::Verify::*::user_can_create_account r=glob a=LpSolit

---
 Bugzilla/WebService/Constants.pm | 1 +
 1 file changed, 1 insertion(+)

(limited to 'Bugzilla/WebService/Constants.pm')

diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm
index 123b14d68..ab3111eed 100644
--- a/Bugzilla/WebService/Constants.pm
+++ b/Bugzilla/WebService/Constants.pm
@@ -130,6 +130,7 @@ use constant WS_ERROR_CODE => {
     # User errors are 500-600.
     account_exists        => 500,
     illegal_email_address => 501,
+    auth_cant_create_account    => 501,
     account_creation_disabled   => 501,
     account_creation_restricted => 501,
     password_too_short    => 502,
-- 
cgit v1.2.3-24-g4f1b