0002341: Users with no permission see bugs from privat project - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0002341	mantisbt	security	public	2002-08-14 11:55	2006-10-09 11:54

Reporter	mdiehlz	Assigned To	jfitzell
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Platform	Celeron 800	OS	Linux Suse	OS Version	7.2
Product Version	0.17.3

Summary	0002341: Users with no permission see bugs from privat project
Description	Users with now permission see with the 'all project mode' in the buglist the public bugs from privat project.
Steps To Reproduce	Set all projects to privat. Greate in one of this project a public bug. create a new user with no access to this private projects. Login with the new account and select 'All projects' and view the buglist.
Tags	No tags attached.

mdiehlz 2002-08-14 13:04 reporter ~0003080	Sorry Decription is: Users with no permission see with the 'all project mode' in the buglist the public bugs from privat project.

vboctor 2002-08-18 07:08 manager ~0003128	Changed category to "Security"

vboctor 2002-08-22 06:19 manager ~0003157	Which version are you referring to?

mdiehlz 2002-08-22 08:45 reporter ~0003159	0.17.3

jfitzell 2002-08-23 02:57 reporter ~0003162	Fixed in CVS #2383 filed, requesting security advisory Expect a patch release shortly

MantisBT: master e9ab25d2 2002-08-23 05:54 Julian Fitzell Details Diff	Fix bug 0002341: "Users with no permission see bugs from privat project" See: http://mantisbt.sourceforge.net/mantis/view_bug_advanced_page.php?f_id=0002341 git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@1309 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9	Affected Issues 0002341
	mod - doc/ChangeLog	Diff File
	mod - view_all_bug_page.php	Diff File