[SECURITY] Bug 209742: Under some circumstances, a user can obtain component descript...

author justdave%syndicomm.com <>

Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)

committer justdave%syndicomm.com <>

Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)
author justdave%syndicomm.com <>
Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)
committer justdave%syndicomm.com <>
Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)
diff --git a/describecomponents.cgi b/describecomponents.cgi

index ff7f46ac8785a81808397a7cdc0b533b3b95ce20..05af919491e3b132933cf4f3c041a977cfce6147 100755 (executable)
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -46,7 +46,7 @@ if (!defined $::FORM{'product'}) {
      # Reference to a subset of %::proddesc, which the user is allowed to see
      my %products;
  
-    if (AnyDefaultGroups()) {
+    if (AnyEntryGroups()) {
          # OK, now only add products the user can see
          confirm_login() unless $::userid;
          foreach my $p (@::legal_product) {
author	justdave%syndicomm.com <>
	Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)
committer	justdave%syndicomm.com <>
	Mon, 3 Nov 2003 11:25:51 +0000 (11:25 +0000)