From cf01cf12992578c602c4f56264ee065b263fc621 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Thu, 24 Jul 2014 16:40:20 +0000 Subject: Bug 1042088 - Release notes for 4.2.10 r=glob --- template/en/default/pages/release-notes.html.tmpl | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'template/en') diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index f06c7450e..1290ca97f 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -53,6 +53,12 @@

Updates in this 4.2.x Release

+

4.2.10

+ +

This release fixes one security issue. See the + Security Advisory + for details.

+

4.2.9

This release fixes one regression introduced in [% terms.Bugzilla %] 4.2.8 by -- cgit v1.2.3-24-g4f1b From b07267acd0301aef84aa74fc4aea39481cea6ad5 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Mon, 6 Oct 2014 14:14:47 +0000 Subject: Bug 1072492: Release notes for 4.2.11 r=LpSolit,a=sgreen --- template/en/default/pages/release-notes.html.tmpl | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'template/en') diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index 1290ca97f..690d334ae 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -53,6 +53,12 @@

Updates in this 4.2.x Release

+

4.2.11

+ +

This release fixes several security issues. See the + Security Advisory + for details.

+

4.2.10

This release fixes one security issue. See the -- cgit v1.2.3-24-g4f1b From ce590bf022ef6c2fc0c0c902d773ec7a53e7e4ad Mon Sep 17 00:00:00 2001 From: Frédéric Buclin Date: Mon, 6 Oct 2014 14:25:06 +0000 Subject: Bug 1075578: [SECURITY] Improper filtering of CGI arguments r=dkl,a=sgreen --- template/en/default/filterexceptions.pl | 1 - template/en/default/global/messages.html.tmpl | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'template/en') diff --git a/template/en/default/filterexceptions.pl b/template/en/default/filterexceptions.pl index 897ab148e..402862734 100644 --- a/template/en/default/filterexceptions.pl +++ b/template/en/default/filterexceptions.pl @@ -186,7 +186,6 @@ ], 'global/messages.html.tmpl' => [ - 'message_tag', 'series.frequency * 2', ], diff --git a/template/en/default/global/messages.html.tmpl b/template/en/default/global/messages.html.tmpl index 2567d4a7a..6cc15ccd8 100644 --- a/template/en/default/global/messages.html.tmpl +++ b/template/en/default/global/messages.html.tmpl @@ -941,7 +941,7 @@ [% IF !message %] [% message = BLOCK %] You are using [% terms.Bugzilla %]'s messaging functions incorrectly. You - passed in the string '[% message_tag %]'. The correct use is to pass + passed in the string '[% message_tag FILTER html %]'. The correct use is to pass in a tag, and define that tag in the file messages.html.tmpl.

If you are a [% terms.Bugzilla %] end-user seeing this message, please -- cgit v1.2.3-24-g4f1b From 976dc12e4ed769bc02ffeb2be03bb1720e885135 Mon Sep 17 00:00:00 2001 From: Simon Green Date: Mon, 6 Oct 2014 14:42:40 +0000 Subject: Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients who aren't in the insider group r=glob,a=glob --- template/en/default/request/email.txt.tmpl | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'template/en') diff --git a/template/en/default/request/email.txt.tmpl b/template/en/default/request/email.txt.tmpl index 65946a1e1..54bed2e25 100644 --- a/template/en/default/request/email.txt.tmpl +++ b/template/en/default/request/email.txt.tmpl @@ -80,11 +80,14 @@ Attachment [% attidsummary %] [%- FILTER bullet = wrap(80) %] -[% USE Bugzilla %] -[%-# .defined is necessary to avoid a taint issue in Perl < 5.10.1, see bug 509794. %] -[% IF Bugzilla.cgi.param("comment").defined && Bugzilla.cgi.param("comment").length > 0 %] -------- Additional Comments from [% user.identity %] -[%+ Bugzilla.cgi.param("comment") FILTER strip_control_chars %] +[% FOREACH comment = new_comments %] + +[%- IF comment.count %] +--- Comment #[% comment.count %] from [% comment.author.identity %] --- +[% ELSE %] +--- Description --- +[% END %] +[%+ comment.body_full({ is_bugmail => 1, wrap => 1 }) FILTER strip_control_chars %] [% END %] [%- END %] -- cgit v1.2.3-24-g4f1b From 0ec036b02e033a63deacd9a7ca8af7c77394c45f Mon Sep 17 00:00:00 2001 From: Simon Green Date: Mon, 6 Oct 2014 15:01:03 +0000 Subject: Bug 1054702: CSV export vulnerable to formulae injection r=glob,a=glob --- template/en/default/reports/report-table.csv.tmpl | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'template/en') diff --git a/template/en/default/reports/report-table.csv.tmpl b/template/en/default/reports/report-table.csv.tmpl index 4d8b50a85..c978cf981 100644 --- a/template/en/default/reports/report-table.csv.tmpl 
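Review bot: The fallback message in global/messages.html.tmpl now escapes `message_tag` with `FILTER html`, but nothing at the site says why, and the companion removal of `'message_tag'` from the `'global/messages.html.tmpl'` list in filterexceptions.pl is the only thing that would stop a later edit from quietly dropping the filter again. A one-line template comment above the changed line would tie the two together: `[%# message_tag can come straight from a CGI argument, so it must never be output unfiltered (bug 1075578) %]`. The commit subject is the only evidence here that the tag is CGI-supplied, so confirm that against the callers before wording the comment as fact. The `[% IF !message %]` block that encloses the change closes outside the hunk.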
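Review bot: The rewritten block in request/email.txt.tmpl prints every entry of `new_comments` and never consults a comment's privacy flag, so the protection for insider-only comments described in the subject must be enforced entirely by whatever builds `new_comments` for each recipient, presumably the flag-mail code outside this diff. That contract is invisible in the template, so document it next to the loop: `[%# new_comments must already be restricted to comments this recipient may see; the template does no insider check itself %]`. It is also worth confirming that `wrap => 1` passed to `comment.body_full` and the surrounding `[%- FILTER bullet = wrap(80) %]` do not wrap the text twice at different widths. The FILTER block that encloses the loop opens and closes inside the hunk.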
+++ b/template/en/default/reports/report-table.csv.tmpl
@@ -39,11 +39,13 @@
 [% END %]
 [% tbl_field_disp FILTER csv %]: [% tbl_disp FILTER csv %]
 [% END %]
-[% IF row_field %]
+[% IF row_field && col_field %]
+ [% row_field_disp _ ' / ' _ col_field_disp FILTER csv %]
+[% ELSIF row_field %]
 [% row_field_disp FILTER csv %]
+[% ELSE %]
+ [% col_field_disp FILTER csv %]
 [% END %]
-[% " / " IF col_field AND row_field %]
-[% col_field_disp FILTER csv %]
 [% IF col_field -%]
 [% FOREACH col = col_names -%]
 [% colsepchar %]
-- cgit v1.2.3-24-g4f1b
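Review bot: In report-table.csv.tmpl the restructured header only changes how the row/column caption is assembled: the literal `' / '` now passes through `FILTER csv` as part of a single cell instead of being emitted unfiltered between two separately filtered values. Whether that addresses the formula injection named in the subject depends entirely on the `csv` filter neutralising cells that begin with a formula-triggering character, and that filter is not in this diff (the patch is limited to template/en), so the review should confirm the filter change lands alongside this one. A short comment on the `IF row_field && col_field` branch would record the intent: `[%# keep the combined caption in one csv-filtered cell so the separator is escaped with the rest of it %]`.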