From: Cédric C. <psy...@us...> - 2012-11-14 20:32:19
Update of /cvsroot/frenchmozilla/bugzilla/template/fr/default/bug In directory vz-cvs-3.sog:/tmp/cvs-serv21753/template/fr/default/bug Modified Files: edit.html.tmpl field-events.js.tmpl Log Message: Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses product and component names that the user is not allowed to see Index: field-events.js.tmpl =================================================================== RCS file: /cvsroot/frenchmozilla/bugzilla/template/fr/default/bug/field-events.js.tmpl,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** field-events.js.tmpl 29 Feb 2012 19:25:23 -0000 1.7 --- field-events.js.tmpl 14 Nov 2012 20:32:17 -0000 1.8 *************** *** 14,22 **** [% FOREACH controlled_field = field.controls_visibility_of %] showFieldWhen('[% controlled_field.name FILTER js %]', '[% field.name FILTER js %]', [ ! [%- FOREACH visibility_value = controlled_field.visibility_values -%] ! '[%- visibility_value.name FILTER js -%]'[% "," UNLESS loop.last %] ! [%- END %] ]); [% END %] --- 14,33 ---- [% FOREACH controlled_field = field.controls_visibility_of %] + [% vis_names = [] %] + [% FOREACH visibility_value = controlled_field.visibility_values %] + [%# Exclude non-enterable products and components outside the current product. %] + [% NEXT IF field.name == "product" + && visibility_value.id != product.id + && !user.can_enter_product(visibility_value) %] + [% NEXT IF field.name == "component" && visibility_value.product_id != product.id %] + [% vis_names.push(visibility_value.name) %] + [% END %] + + [% NEXT UNLESS vis_names.size %] showFieldWhen('[% controlled_field.name FILTER js %]', '[% field.name FILTER js %]', [ ! [%~ FOREACH vis_name = vis_names ~%] ! '[% vis_name FILTER js %]'[% "," UNLESS loop.last %] ! 
[%~ END ~%] ]); [% END %] Index: edit.html.tmpl =================================================================== RCS file: /cvsroot/frenchmozilla/bugzilla/template/fr/default/bug/edit.html.tmpl,v retrieving revision 1.138 retrieving revision 1.139 diff -C2 -d -r1.138 -r1.139 *** edit.html.tmpl 10 Nov 2012 20:51:57 -0000 1.138 --- edit.html.tmpl 14 Nov 2012 20:32:17 -0000 1.139 *************** *** 9,14 **** [% PROCESS bug/time.html.tmpl %] ! <script type="text/javascript"> ! <!-- [% IF user.is_timetracker %] var fRemainingTime = [% bug.remaining_time %]; // holds the original value --- 9,14 ---- [% PROCESS bug/time.html.tmpl %] ! <script type="text/javascript"> ! <!-- [% IF user.is_timetracker %] var fRemainingTime = [% bug.remaining_time %]; // holds the original value *************** *** 31,34 **** --- 31,35 ---- [% END %] + [% IF user.id %] /* Index all classifications so we can keep track of the classification * for the selected product, which could control field visibility. *************** *** 39,45 **** [%- product.classification.name FILTER js %]'; [%- END %] ! //--> ! </script> <form name="changeform" id="changeform" method="post" action="process_bug.cgi"> --- 40,47 ---- [%- product.classification.name FILTER js %]'; [%- END %] + [% END %] ! //--> ! </script> <form name="changeform" id="changeform" method="post" action="process_bug.cgi"> |
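Review bot: In the field-events.js.tmpl hunk (new lines 14-33), `[% NEXT UNLESS vis_names.size %]` skips the whole `showFieldWhen(...)` call when every visibility value has been filtered out, so the controlled field gets no client-side show/hide logic at all rather than an empty value list; confirm that is the intended behaviour and that the server side still enforces field visibility on submit, since the template now decides what the browser learns. Two smaller points: the product branch deliberately keeps `product.id` even when `user.can_enter_product` is false (the user already sees the bug's product), which deserves a line in the existing `[%# Exclude ... %]` comment; and the chomp markers change from `[%- ... -%]` to the greedy `[%~ ... ~%]` form, so check that the fork's minimum Template Toolkit version supports `~`.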
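Review bot: The first edit.html.tmpl hunk (lines 9-14) marks `<script type="text/javascript">` and `<!--` as changed on both sides yet the text is identical, so this is a whitespace-only change, most likely indentation; either leave it out of a security commit or say so in the log message, so anyone diffing this localized template against upstream is not misled into looking for a functional change there.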
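Review bot: The `[% IF user.id %]` added in the edit.html.tmpl hunk at lines 31-35 opens a block whose matching `[% END %]` only appears in the following hunk (lines 40-47), so the two must be read together: the whole classification-index block between them is now skipped for anonymous users. `user.id` only separates logged-in from logged-out, so if the loop inside that block (not shown in this hunk) walks every product, a logged-in user with restricted product access would still receive classification names for products they cannot see; verify the loop is limited to products the user can enter. The log message mentions only field-events.js.tmpl; add a sentence explaining why edit.html.tmpl changed as well.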
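Review bot: In the edit.html.tmpl hunk at lines 40-47 the new `[% END %]` closes the `[% IF user.id %]` from the earlier hunk; because the opening and closing directives are in different hunks, check the lines in between for any other `IF`/`FOREACH` so the pairing is unambiguous, and consider a `[%# end IF user.id %]` comment beside it. The `!` lines `//-->` and `</script>` are textually identical on both sides, so that part of the hunk is whitespace-only and should be called out as such.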