Bug 577139: (CVE-2010-2758) [SECURITY] request.cgi and duplicates.cgi let you know...

author Frédéric Buclin <LpSolit@gmail.com>

Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)

committer Frédéric Buclin <LpSolit@gmail.com>

Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)
author Frédéric Buclin <LpSolit@gmail.com>
Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)
committer Frédéric Buclin <LpSolit@gmail.com>
Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)
diff --git a/request.cgi b/request.cgi

index b54477cb19097189a96192778e77a74f38bba182..637fb2e5f294a79be928acb3857beeecb13eb8c9 100755 (executable)
--- a/request.cgi
+++ b/request.cgi
@@ -206,7 +206,7 @@ sub queue {
      
      # Filter results by exact product or component.
      if (defined $cgi->param('product') && $cgi->param('product') ne "") {
-        my $product = Bugzilla::Product::check_product(scalar $cgi->param('product'));
+        my $product = Bugzilla::Product->check(scalar $cgi->param('product'));
          push(@criteria, "bugs.product_id = " . $product->id);
          push(@excluded_columns, 'product') unless $cgi->param('do_union');
          if (defined $cgi->param('component') && $cgi->param('component') ne "") {
author	Frédéric Buclin <LpSolit@gmail.com>
	Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)
committer	Frédéric Buclin <LpSolit@gmail.com>
	Wed, 4 Aug 2010 21:56:43 +0000 (23:56 +0200)