Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/show_bug.cgi
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2006-10-15 04:47:32 +0000
committerlpsolit%gmail.com <>2006-10-15 04:47:32 +0000
commit5deb79d853f2b0fce9b2ea5806d27aec77807753 (patch)
treea5e3965b192c67dce825fb94f31aa70921056d41 /show_bug.cgi
parentBug 355728: [SECURITY] XSS in the "id" parameter of showdependencygraph.cgi w... (diff)
downloadbugzilla-5deb79d853f2b0fce9b2ea5806d27aec77807753.tar.gz
bugzilla-5deb79d853f2b0fce9b2ea5806d27aec77807753.tar.bz2
bugzilla-5deb79d853f2b0fce9b2ea5806d27aec77807753.zip
Bug 346564: [SECURITY] timetracking deadline leaks in XML - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
Diffstat (limited to 'show_bug.cgi')
-rwxr-xr-xshow_bug.cgi2
1 files changed, 1 insertions, 1 deletions
diff --git a/show_bug.cgi b/show_bug.cgi
index 8e964b765..a0262393c 100755
--- a/show_bug.cgi
+++ b/show_bug.cgi
@@ -116,7 +116,7 @@ if ($cgi->param("field")) {
}
unless (UserInGroup(Param("timetrackinggroup"))) {
- @fieldlist = grep($_ !~ /_time$/, @fieldlist);
+ @fieldlist = grep($_ !~ /(^deadline|_time)$/, @fieldlist);
}
foreach (@fieldlist) {