summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2013-11-04Bug 933353 - UNCONFIRMED hardcoded in product list.Marc Schumann1-1/+2
r=LpSolit; a=glob
2013-11-04Bug 926952: Possible race conditions when editing or deleting a milestone or ↵Frédéric Buclin2-3/+14
a version r/a=glob
2013-11-04Bug 933736 - names are no longer links in html bugmail with background ↵Dave Lawrence1-2/+2
bugmail generation r/a=glob
2013-11-04Bug 933274 - Uncaught bugword in ↵Marc Schumann1-1/+1
template/en/default/admin/params/auth.html.tmpl. r=dkl; a=sgreen
2013-10-29Bug 927497 - "Add me to CC list" feature of bug creation screen gives token ↵Dave Lawrence1-10/+18
error r=LpSolit,a=glob
2013-10-29Bug 863745: Enable multi-select fields in reportsPami Ketolainen5-36/+87
r=LpSolit a=glob
2013-10-28Bug 930870: With Pod::Coverage 0.23, t/011pod.t fails if a module is not ↵Frédéric Buclin1-2/+2
installed r/a=glob
2013-10-28Bug 919314: Do not list the target milestone in bugmail headers when ↵Sunil Joshi1-0/+2
usetargetmilestone is off r=LpSolit a=glob
2013-10-28Bug 929575: t/001compile.t fails if Test::Taint is not installedFrédéric Buclin1-1/+2
r=dkl a=glob
2013-10-28Bug 928410 - Bug.get should return detail about cc list members similar to ↵Dave Lawrence1-0/+6
assigned_to, creator and qa_contact r=gerv,a=glob
2013-10-25Bug 928092: Add OS detection for Windows 8.1Frédéric Buclin1-0/+1
r=justdave a=glob
2013-10-24Bug 930013: fall back to the bug's current delta_ts when validating a token ↵Byron Jones1-1/+1
if one is not provided to process_bug.cgi r=dkl,a=glob
2013-10-21Bug 926232 - CSS style ".bz_status_UNCONFIRMED" is not applied due to typo.Andre Klapper1-1/+1
r=Wurblzap; a=glob
2013-10-17Bump version post-releaseDave Lawrence1-1/+1
2013-10-17Bug 927736: "invalid token" error if someone else changes the CC list while ↵Byron Jones1-2/+2
viewing a bug r/a=LpSolit
2013-10-17Bug 927570: mid-air conflict fails to check all changed fieldsByron Jones1-2/+4
r=dkl, a=simon
2013-10-16Bump version to 4.5.1Dave Lawrence2-4/+4
2013-10-16Bug 924932: (CVE-2013-1743) [SECURITY] Field values are not escaped ↵Frédéric Buclin1-14/+24
correctly in tabular reports r=dkl a=glob
2013-10-16Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not ↵Frédéric Buclin2-5/+3
sanitized when editing flag types if categoryAction-foo is set r=dkl a=glob
2013-10-16Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachmentsFrédéric Buclin1-7/+10
r=dkl a=sgreen
2013-10-16Bug 911593: (CVE-2013-1733) [SECURITY] CSRF in process_bug.cgiFrédéric Buclin1-11/+12
r=dkl a=sgreen
2013-10-16Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ↵Dave Lawrence1-3/+3
total entropy and allowing easier brute force r=LpSolit,a=sgreen
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵Dave Lawrence2-5/+20
and allowing easier brute force r=LpSolit,a=glob
2013-10-16Bug 912641: Release notes for Bugzilla 4.4.1Frédéric Buclin1-2/+45
r=dkl a=LpSolit
2013-10-15Bug 917370: large dependency trees are very slow to loadByron Jones1-43/+66
r=dkl, a=simon
2013-10-14Bug 340160: Speed up LogActivityEntry()Frédéric Buclin1-5/+6
r=dkl a=glob
2013-10-14Backout 1st part of bug 340160: state $sth doesn't work fine with mod_perlFrédéric Buclin1-6/+5
2013-10-11Fixes on checkin for bug 769134Frédéric Buclin2-11/+8
2013-10-11Bug 916254 - Bug.get should include the name for reporter, assigned_to and ↵Frank Becker1-0/+57
qa_contact r=dkl,a=sgreen
2013-10-01Bug 919852 - Add ability to perform quicksearch using Bug.searchDave Lawrence2-37/+53
r/a=glob
2013-09-30Bug 864625 - Setting a non-privileged user as a requestee on a secure bug ↵Dave Lawrence1-6/+14
while ccing the same user to give access at the same r=LpSolit,a=sgreen
2013-09-28Bug 891311: Text in the "My Requests" page is misleading about how the ↵Frédéric Buclin2-34/+36
AND/OR radio button works r=dkl a=justdave
2013-09-28Bug 798927: An error should be thrown when passing an illegal pronounImran Chaudhry2-1/+9
r=LpSolit a=justdave
2013-09-28Bug 340160: Speed up LogActivityEntry()Frédéric Buclin2-14/+10
r=dkl a=justdave
2013-09-28Bug 851267: Bugzilla times out when a user has several thousands of votesFrédéric Buclin3-96/+93
r=dkl a=justdave
2013-09-26Bug 917483 - Bug.update_attachment causes error when updating filename using ↵Dave Lawrence1-6/+19
key 'file_name'
2013-09-26Bug 784072 (2nd part): Exclude extensions from POD coverage checksFrédéric Buclin1-0/+2
2013-09-26fix bustage due to bug 891236: it doesn't pass t/002goodperl.tFrédéric Buclin1-1/+3
2013-09-26Bug 920787: The "Flags:" label in bug reports is badly alignedFrédéric Buclin2-8/+2
r=dkl a=sgreen
2013-09-26Bug 917669 - invalid or expired authentication tokens and cookies should ↵Dave Lawrence5-14/+41
throw errors, not be silently ignored r/a=glob
2013-09-26Bug 893589 - 004template.t fails when templates in extension directorySimon Green3-14/+26
r=dkl, a=simon
2013-09-26Bug 769134 - Bugzilla unintentionally removes groups when changing products ↵Simon Green2-13/+62
with multiple bugs r=dkl, a=justdave
2013-09-26Bug 714523 - editversions.cgi should use ->set_allSunil Joshi2-7/+9
r=simon, a=simon
2013-09-26Bug 621216 - Don't call GetQuip() if the user doesn't want quipsSunil Joshi1-1/+4
r=simon, a=simon
2013-09-25Bug 455301: Don't show password box on userprefs.cgi if your auth method ↵Dirk Steinmetz1-15/+19
didn't use DB passwords r=LpSolit a=justdave
2013-09-24Temporary fix for bug 916882: whitelist product and component when used with ↵Frédéric Buclin1-1/+4
the changed* operators r/a=glob
2013-09-23Bug 919475: [Oracle] Crash when non-mandatory free text custom fields are ↵Jiří Netolický1-0/+4
left empty on bug creation r=LpSolit a=justdave
2013-09-23Bug 918647: "Use of uninitialized value" warnings when using quicksearchByron Jones1-1/+5
r=simon, a=glob
2013-09-20Bug 918362 - The "order" parameter passed to Bug.search is ignoredDave Lawrence1-4/+4
r=LpSolit,a=glob
2013-09-19Bug 897510 - Create and Modify User Screen must also contain password rules ↵Sunil Joshi1-1/+8
as hint r=simon, a=glob