Something to investigate, to see if it can have security implications: by entering a bug with a CR in the summary field you end up with funny bugzilla mail. Let's take this one for example:

===============================
...
From: bugzilla-daemon@gentoo.org
To: security@gentoo.org
Subject: [Bug 114205] www-apps/trac
Message-Id: <E1Ei6rP-0002c1-Mi@nuthatch.gentoo.org>
Date: Fri, 02 Dec 2005 09:05:43 +0000
X-Spam-Checker-Version: SpamAssassin 3.0.4-gr0 (2005-06-05) on toucan.gentoo.org
X-Spam-Level:
X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,FORGED_RCVD_HELO,
        NO_REAL_NAME autolearn=no version=3.0.4-gr0
SQL injection
In-Reply-To: <bug-114205@bugs.gentoo.org>
X-Bugzilla-Reason: AssignedTo
Clear-Text: http://bugs.gentoo.org/show_bug.cgi?id=114205
Secure: https://bugs.gentoo.org/show_bug.cgi?id=114205
...
=======================

It's clearly a bug, but I was wondering if you can exploit it to overload headers...
*waves at security folks* Hi guys, you should be able to close this one, Summary should have all non-space whitespace converted into single spaces now. P.S. Don't mind me, I was working on bugzilla bugs since I'm doing some of the admin work now, and the admin perms included this bug in my search, which I would not normally have seen.
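Added illustration (not code from the thread or from Bugzilla) of the header split described in the first comment and of the fix described in the second: a summary containing a bare CR is rendered into a Subject header, split the way a lenient mail parser would, and then the same summary is passed through a sanitizer that collapses non-space whitespace. The summary string is constructed to mirror the report; collapsing runs of whitespace (rather than each character) and the parser accepting bare CR as a line ending are assumptions.

```python
import re

# Constructed summary modelled on the report: a bare CR between the two halves.
INJECTED_SUMMARY = "www-apps/trac\rSQL injection"

# Any whitespace character that is not a plain space: CR, LF, tab, vertical tab, form feed, ...
_NON_SPACE_WS = re.compile(r"[^\S ]+")


def sanitize_summary(summary: str) -> str:
    """Collapse each run of non-space whitespace into one space.
    Mirrors the fix the thread describes; collapsing runs is an assumption."""
    return _NON_SPACE_WS.sub(" ", summary)


def is_safe_header_value(value: str) -> bool:
    """Independent check for the mail-building layer: a header value must
    never carry a line terminator, whatever the form layer did upstream."""
    return "\r" not in value and "\n" not in value


def render_subject(bug_id: int, summary: str) -> str:
    """Render the Subject header as a naive mailer would, with no checking."""
    return f"Subject: [Bug {bug_id}] {summary}\r\n"


def header_lines(raw_header_block: str) -> list[str]:
    """Split a header block into lines the way a lenient parser does: CRLF,
    bare CR and bare LF all end a line (assumption about the receiving MTA)."""
    return re.split(r"\r\n|\r|\n", raw_header_block.rstrip("\r\n"))


def injected_header_count(bug_id: int, summary: str) -> int:
    """Number of extra header lines the summary smuggles in; 0 means no split."""
    return len(header_lines(render_subject(bug_id, summary))) - 1


if __name__ == "__main__":
    # Before the fix: the CR turns one Subject header into two header lines.
    print(header_lines(render_subject(114205, INJECTED_SUMMARY)))
    # After the fix: a single Subject line, and the value passes the header check.
    clean = sanitize_summary(INJECTED_SUMMARY)
    print(header_lines(render_subject(114205, clean)), is_safe_header_value(clean))
```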
Thanks Robin, we're outta here.