Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2013-10-17 | Bump version post-release | Dave Lawrence | 1 | -1/+1 | |
2013-10-16 | Bump version to 4.2.7 | Dave Lawrence | 2 | -3/+3 | |
2013-10-16 | Bug 924932: (CVE-2013-1743) [SECURITY] Field values are (still) not escaped ↵ | Frédéric Buclin | 1 | -14/+24 | |
correctly in tabular reports r=dkl a=glob | |||||
2013-10-16 | Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not ↵ | Frédéric Buclin | 2 | -5/+3 | |
sanitized when editing flag types if categoryAction-foo is set r=dkl a=glob | |||||
2013-10-16 | Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachments | Frédéric Buclin | 1 | -8/+11 | |
r=dkl a=sgreen | |||||
2013-10-16 | Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵ | Dave Lawrence | 1 | -1/+1 | |
and allowing easier brute force r=LpSolit,a=sgreen | |||||
2013-10-16 | Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ↵ | Dave Lawrence | 1 | -3/+3 | |
total entropy and allowing easier brute force r=LpSolit,a=sgreen | |||||
2013-10-16 | Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵ | Dave Lawrence | 3 | -8/+24 | |
and allowing easier brute force r=LpSolit,a=glob | |||||
2013-10-12 | Bug 912640: Release notes for Bugzilla 4.2.7 | Frédéric Buclin | 1 | -0/+30 | |
r=dkl a=LpSolit | |||||
2013-09-27 | Bug 914262: KHTML-based browsers such as Konqueror do not support the ↵ | Frédéric Buclin | 1 | -1/+1 | |
Server-Push technology r=dkl a=justdave | |||||
2013-09-23 | Bug 919475: [Oracle] Crash when non-mandatory free text custom fields are ↵ | Jiří Netolický | 1 | -0/+4 | |
left empty on bug creation r=LpSolit a=justdave | |||||
2013-09-03 | Bug 848063: [Oracle] importxml.pl fails with ORA-01830: comment timestamps ↵ | Mateusz Kuśmierczyk | 1 | -1/+1 | |
are not correctly formatted r=LpSolit a=sgreen | |||||
2013-08-10 | Back out bug 868330 for the 4.2 branch. This is not a security fix | Frédéric Buclin | 2 | -13/+4 | |
2013-08-09 | Bug 902515: Internet Explorer 11 receives multipart/x-mixed-replace content ↵ | Frédéric Buclin | 1 | -1/+1 | |
from buglist.cgi r=dkl a=sgreen | |||||
2013-08-09 | Bug 868330 - Password creation directions incomplete | Sunil Joshi | 2 | -4/+13 | |
r=sgreen, a=sgreen | |||||
2013-08-09 | Bug 897264 - letters_numbers_specialchars password restriction is incorrect | Simon Green | 2 | -16/+16 | |
r=LpSolit, a=sgreen | |||||
2013-08-07 | Bug 901620 - Grammar error in the documentation | Sunil Joshi | 1 | -1/+1 | |
r=sgreen, a=glob | |||||
2013-07-24 | Bug 880653 - Add POD for Bug.possible_duplicates webservice | Dave Lawrence | 1 | -0/+53 | |
r=LpSolit,a=sgreen | |||||
2013-07-15 | Bug 787328 - xmlrpc.cgi doesn't send any security-related headers | Dave Lawrence | 1 | -2/+10 | |
r=glob,a=justdave | |||||
2013-05-22 | Bump version post-release | Dave Lawrence | 1 | -1/+1 | |
2013-05-22 | Bump version to 4.2.6 | Dave Lawrence | 2 | -3/+3 | |
2013-05-22 | Bug 828344: add missing xt broken tests | Byron Jones | 1 | -2/+23 | |
2013-05-20 | Bug 828344: "contains all of the words" no longer looks for all words within ↵ | Byron Jones | 8 | -58/+251 | |
the same comment or flag r=LpSolit, a=LpSolit | |||||
2013-05-18 | Bug 870701: Release notes for Bugzilla 4.2.6 | Frédéric Buclin | 1 | -0/+25 | |
r=dkl a=LpSolit | |||||
2013-05-05 | Bug 212471: Tabular reports do not link bug counts involving the empty ↵ | Frédéric Buclin | 1 | -1/+2 | |
resolution correctly r=dkl a=LpSolit | |||||
2013-05-04 | Bug 859118 - Bug.search called with no arguments returns all visible bugs, ↵ | Dave Lawrence | 2 | -11/+48 | |
ignoring max_search_results and search_allow_no_criteria r/a=LpSolit | |||||
2013-04-28 | Bug 848635: Old queries based on tags are no longer listed in the page ↵ | Frédéric Buclin | 1 | -6/+1 | |
footer by default when upgrading from 4.0 or older to 4.2 r=glob a=LpSolit | |||||
2013-04-28 | Bug 858909: When running checksetup.pl for the first time using Oracle as DB ↵ | Frédéric Buclin | 1 | -1/+1 | |
server, you get an "uninitialized value" warning r=dkl a=LpSolit | |||||
2013-04-18 | Bug 858911: Oracle fails with "ORA-04043: object T_GROUP_CONCAT does not ↵ | Frédéric Buclin | 1 | -1/+3 | |
exist" when installing Bugzilla for the first time r=dkl a=LpSolit | |||||
2013-04-17 | revert commit for bug 828344 | Byron Jones | 3 | -138/+34 | |
2013-04-17 | Bug 828344: Make "contains all of the words" look for all words within the ↵ | Byron Jones | 3 | -34/+138 | |
same comment or flag r=LpSolit, a=LpSolit | |||||
2013-04-16 | Bug 782210: If a custom field depends on a product, component or ↵ | Pami Ketolainen | 2 | -8/+13 | |
classification, the "mandatory" bit is ignored on bug creation r/a=LpSolit | |||||
2013-04-15 | Bug 861528: $user->can_enter_product() now returns the product object ↵ | Frédéric Buclin | 1 | -2/+3 | |
instead of 1 r=glob a=LpSolit | |||||
2013-04-11 | Bug 860723: Custom fields are shown twice in report axis selectors | Pami Ketolainen | 2 | -14/+0 | |
r/a=LpSolit | |||||
2013-04-09 | Bug 355620: Lines enclosed in <simplelist> do not wrap in the PDF version of ↵ | Christopher Trom | 2 | -185/+344 | |
the Bugzilla Guide r/a=LpSolit | |||||
2013-04-05 | Bug 857562: ajax_user_autocompletion param ignored on Search by People fields | Frédéric Buclin | 1 | -2/+2 | |
r=dkl a=LpSolit | |||||
2013-04-05 | Bug 855258: The dependency graph always uses urlbase, even when sslbase is ↵ | Frédéric Buclin | 1 | -1/+1 | |
in use r=glob a=LpSolit | |||||
2013-03-26 | Bug 854074: Remove all references to the uwinnipeg.ca PPM repository as it ↵ | Frédéric Buclin | 4 | -69/+2 | |
is no longer available r=glob a=LpSolit | |||||
2013-03-20 | Bug 852560: Bugzilla cannot be installed with MySQL 5.6, because the ↵ | Frédéric Buclin | 1 | -3/+2 | |
have_innodb variable no longer exists r=glob a=LpSolit | |||||
2013-03-16 | Bug 827983: "[reply]" link besides the original description will insert ("in ↵ | Hugo Seabrook | 2 | -30/+12 | |
reply to comment #N+1") when the comments order is "Newest to Oldest, but keep Descritption at the top" r/a=LpSolit | |||||
2013-03-12 | Bug 850126 - 'token' id defined twice on logged-out pages (in header and footer) | Reed Loden | 1 | -1/+1 | |
[r=LpSolit a=LpSolit] | |||||
2013-03-08 | Bug 848250: Bug summary tooltip now includes "---" for unresolved bugs | Frédéric Buclin | 1 | -1/+3 | |
r=dkl a=LpSolit | |||||
2013-02-20 | Bump version post-release | Dave Lawrence | 1 | -1/+1 | |
2013-02-19 | Bumped current year | Dave Lawrence | 1 | -1/+1 | |
2013-02-19 | Bump version to 4.2.5 | Dave Lawrence | 2 | -3/+3 | |
2013-02-19 | Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an ↵ | Frédéric Buclin | 2 | -6/+6 | |
invalid page format r=glob a=LpSolit | |||||
2013-02-19 | Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence ↵ | Simon Green | 4 | -2/+22 | |
of products and components you cannot access r/a=LpSolit | |||||
2013-02-19 | Bug 832264: Release notes for Bugzilla 4.2.5 | Frédéric Buclin | 1 | -0/+33 | |
r=dkl a=LpSolit | |||||
2013-02-17 | Bug 839950: Cannot search by Change History on multi-select fields | Matt Tyson | 1 | -2/+6 | |
r/a=LpSolit | |||||
2013-02-16 | Bug 840824: It is possible to create a new bug with a non active target ↵ | Simon Green | 1 | -6/+3 | |
milestone, version or component r/a=LpSolit |