[Interchange-bugs] [Bug 167] Changed - do_view without security check
bugzilla-daemon@localhost.akopia.com
bugzilla-daemon@localhost.akopia.com
Sat, 14 Apr 2001 18:51:22 -0400
http://developer.akopia.com/bugs/show_bug.cgi?id=167
*** shadow/167 Fri Apr 13 15:42:13 2001
--- shadow/167.tmp.16567 Sat Apr 14 18:51:21 2001
***************
*** 3,10 ****
Version: 4.6.4
Platform: All
OS/Version: All
! Status: NEW
! Resolution:
Severity: critical
Priority: P1
Component: UI
--- 3,10 ----
Version: 4.6.4
Platform: All
OS/Version: All
! Status: RESOLVED
! Resolution: FIXED
Severity: critical
Priority: P1
Component: UI
***************
*** 38,40 ****
--- 38,43 ----
It looks like your analysis is correct, Merlyn. Thanks for reporting this. We're
checking whether any other similar holes exist and once we have a general patch,
we'll release it and tell the user community.
+
+ ------- Additional Comments From jon@akopia.com 2001-04-14 18:51 -------
+ Fix in 4.6.5 and development branch. Security advisory to be released Monday.