Closed Bug 149938 Opened 22 years ago Closed 22 years ago

"Confidential-Bugs" are not completely protected -> Security Hole

Categories

(Bugzilla :: Bugzilla-General, defect)

Product:
Bugzilla
Component:
Bugzilla-General
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 99608

People

(Reporter: webmaster, Assigned: justdave)

References

(
URL
)

Details

There are those secret bugs, that are not visible for public. But you can still get information about them!! This is because when the state of such a bug changes and you are listening to a public bug that has the secret bug as dependency, then you get an email saying "secret-bug #?: 'summary of some real bad security hole in Mozilla'" state changed ... Actual Result: So everybody listening to the public bug knows about the secret one and normaly the summary is just enough for hackers to exploit that bug. Expected Result: No summary of secret bugs should be given on state-change-notifications.
Dupe of bug 99608, fixed in CVS, and will be fixed on bmo when it updates on Monday evening. *** This bug has been marked as a duplicate of 99608 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.