From dc51769c9f7fb84ac2e43112f2d106a4770f5781 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Mon, 2 Feb 2009 18:33:29 +0000
Subject: =?UTF-8?q?Bug=2026257:=20[SECURITY]=20Bugzilla=20should=20prevent?=
 =?UTF-8?q?=20malicious=20webpages=20from=20making=20bugzilla=20users=20su?=
 =?UTF-8?q?bmit=20changes=20to=20bugs=20-=20Patch=20by=20Fr=C3=83=C2=A9d?=
 =?UTF-8?q?=C3=83=C2=A9ric=20Buclin=20<LpSolit@gmail.com>=20r=3Dmkanat=20a?=
 =?UTF-8?q?=3DLpSolit?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 email_in.pl | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'email_in.pl')

diff --git a/email_in.pl b/email_in.pl
index bed5a1477..1edce55d8 100644
--- a/email_in.pl
+++ b/email_in.pl
@@ -47,6 +47,7 @@ use Bugzilla::Error;
 use Bugzilla::Mailer;
 use Bugzilla::User;
 use Bugzilla::Util;
+use Bugzilla::Token;
 
 #############
 # Constants #
@@ -201,6 +202,7 @@ sub process_bug {
         $cgi->param(-name => $field, -value => $fields{$field});
     }
     $cgi->param('longdesclength', scalar $bug->longdescs);
+    $cgi->param('token', issue_hash_token([$bug->id, $bug->delta_ts]));
 
     require 'process_bug.cgi';
 }
-- 
cgit v1.2.1