From b99bee4e257dbce259fbb5b86a2ae12260bbd375 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Fr=C3=A9d=C3=A9ric=20Buclin?=
Date: Thu, 26 Jul 2012 23:09:32 +0200
Subject: [PATCH] Bug 777586: (CVE-2012-1969) [SECURITY] The description of private attachments is still visible to unauthorized users when mentioned in a comment r=glob a=LpSolit
---
 Bugzilla/Template.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index bb5ff5eda7..153812e96f 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -266,13 +266,16 @@ sub quoteUrls {
 sub get_attachment_link {
 my ($attachid, $link_text) = @_;
 my $dbh = Bugzilla->dbh;
+ my $user = Bugzilla->user;
 my $attachment = new Bugzilla::Attachment($attachid);
 if ($attachment) {
 my $title = "";
 my $className = "";
- if (Bugzilla->user->can_see_bug($attachment->bug_id)) {
+ if ($user->can_see_bug($attachment->bug_id)
+ && (!$attachment->isprivate || $user->is_insider))
+ {
 $title = $attachment->description;
 }
 if ($attachment->isobsolete) {
-- 
2.47.3
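Review bot: The new `if` restates the attachment-visibility policy inline (bug visibility plus a private/insider gate) with no comment saying why the title is withheld, so a later edit could drop the second half of the condition without noticing the information-disclosure consequence; add above it `# The description of a private attachment is itself private: only insiders may see it as the link title, everyone else gets an untitled link.`. The same rule presumably has to hold wherever an attachment is rendered; if Bugzilla already exposes a single attachment-visibility check it should be called here instead of re-deriving the rule, and if it does not, extracting one would keep this hunk and the attachment display code from drifting apart. `my $dbh = Bugzilla->dbh;` is not used by any visible line of the hunk; whether it is needed further down cannot be seen from here. The body of get_attachment_link continues past the end of the hunk.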