Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html
lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
secunia.com/advisories/40892
secunia.com/advisories/41128
www.bugzilla.org/security/3.2.7/
www.securityfocus.com/bid/42275
www.vupen.com/english/advisories/2010/2035
www.vupen.com/english/advisories/2010/2205
bugzilla.mozilla.org/show_bug.cgi?id=417048
bugzilla.redhat.com/show_bug.cgi?id=623423