From d010759a987a18ee44a515e5d1cc266f154e01a8 Mon Sep 17 00:00:00 2001
From: Dylan William Hardison <dylan@hardison.net>
Date: Fri, 16 Feb 2018 11:17:55 -0500
Subject: Bug 1433400 (CVE-2018-5123) Prevent cross-site image requests from
 leaking contents of certain fields due to regex search

---
 attachment.cgi | 1 +
 1 file changed, 1 insertion(+)

(limited to 'attachment.cgi')

diff --git a/attachment.cgi b/attachment.cgi
index d1523d248..d1b260407 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -41,6 +41,7 @@ use File::Basename qw(basename);
 local our $cgi = Bugzilla->cgi;
 local our $template = Bugzilla->template;
 local our $vars = {};
+local $Bugzilla::CGI::ALLOW_UNSAFE_RESPONSE = 1;
 
 ################################################################################
 # Main Body Execution
-- 
cgit v1.2.3-24-g4f1b