summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-11-14Added swfstore.swf back as it was removed unintentionallyDave Lawrence1-0/+0
2012-11-14merged with bugzilla/4.2Dave Lawrence27-105/+213
2012-11-14Bug 804978 - The BzAPI extension let everybody see all confidential product ↵Dave Lawrence1-4/+3
names when classifications are enabled
2012-11-14Bug 809195 - Put up notice that MoLegal form is deprecated in favour of ↵Dave Lawrence1-0/+6
project-review form
2012-11-14Bug 589322: fix push breakage (Net::RabbitMQ should be optional)Byron Jones1-1/+1
2012-11-14Bug 589322: deploy push extensionByron Jones36-0/+4493
2012-11-14Bump version post-releaseDave Lawrence1-1/+1
https://bugzilla.mozilla.org/show_bug.cgi?id=805644
2012-11-13Bump version to 4.2.4Dave Lawrence2-3/+3
https://bugzilla.mozilla.org/show_bug.cgi?id=805644
2012-11-13Bug 790296 (CVE-2012-4189): [SECURITY] Field values are not escaped ↵Frédéric Buclin2-2/+2
correctly in tabular reports r=dkl a=LpSolit
2012-11-13Bug 808845 (CVE-2012-5475): [SECURITY] Security vulnerability in YUI's ↵Frédéric Buclin1-0/+0
swfstore.swf in YUI 2.8.2 and 2.9.0 a=LpSolit
2012-11-13Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups ↵Frédéric Buclin2-6/+21
when using User.get() r=dkl a=LpSolit
2012-11-13Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see ↵Frédéric Buclin2-5/+1
as obsolete can disclose its description r=gerv a=LpSolit
2012-11-13Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses ↵Frédéric Buclin2-9/+21
product and component names that the user is not allowed to see r=dkl a=LpSolit
2012-11-12Bug 625194 - Set the QA contact for all bugs in the Bugzilla product to ↵Dave Lawrence1-0/+143
default-qa@bugzilla.bugs r=glob
2012-11-12Bug 810870: make needinfo honour requestee_cc preferenceByron Jones1-4/+6
2012-11-09Bug 791758 - Mass change from whiteboard '[orange]' to keyword ↵Dave Lawrence1-0/+151
'intermittent-failure' r=glob
2012-11-08fix shadowbug issue causing crash when editing multiple bugsByron Jones1-1/+1
2012-11-08Bug 809747: change from webtrends to google analyticsDave Lawrence2-17/+13
2012-11-07Bug 801713: implement "bug shadowing" featureByron Jones12-1/+329
2012-11-06Bug 808902: block access to swf filesByron Jones1-1/+1
2012-11-06Bug 808902: Update swfstore.swfByron Jones1-0/+0
2012-11-03Back out the last checkin, it was already thereFrédéric Buclin1-3/+0
2012-11-03Bug 805647: One more item for the 4.2.4 release notesFrédéric Buclin1-0/+3
2012-11-03Bug 804505: Oracle crashes when typing "word1 word2" in QuickSearch with ↵Frédéric Buclin3-9/+10
"ORA-29907: found duplicate labels in primary invocations" r=dkl a=LpSolit
2012-11-02Bug 806012: Installation docs need to be updated with instructions for bzrFrédéric Buclin2-6/+6
r=dkl a=LpSolit
2012-11-02Fix typoFrédéric Buclin1-1/+1
2012-11-02Bug 807937: Fix PODKoosha Khajeh Moogahi1-6/+7
r/a=LpSolit
2012-10-31Bug 787478 - Create Custom Entry Form for Data Safety/Legal/Security/Privacy ↵Dave Lawrence14-0/+1365
Assurance Bugs
2012-10-27Bug 805890 - Needinfo should be possible on closed bugsDave Lawrence1-6/+19
r=glob
2012-10-26Bug 805647: Release notes for Bugzilla 4.2.4Frédéric Buclin1-3/+50
r=dkl
2012-10-26Bug 805656: Fix broken service-now redirect on itrequrst formByron Jones1-8/+6
2012-10-25Bug 610767: contrib/convert-workflow.pl should add transitions from RESOLVED ↵Frédéric Buclin1-3/+46
and VERIFIED to CONFIRMED (if transitions to REOPENED were present) r=dkl a=LpSolit
2012-10-25Bug 800509 - Add an X-Bugzilla-Resolution header in bugmail Dave Lawrence2-0/+2
2012-10-25Bug 781336: disable SKIP_REQUESTEE_ON_ERRORByron Jones1-1/+1
2012-10-24Bug 803545 - Should be able to enter partial needinfo flag requesteeDave Lawrence1-0/+11
2012-10-24Bug 803545 - Should be able to enter partial needinfo flag requesteeDave Lawrence4-21/+7
2012-10-24Bug 803058: add a shortcut to quicksearch to enable or disable comment ↵Byron Jones2-1/+14
searching for that query
2012-10-23Fix url_quote/uri filterByron Jones1-1/+1
2012-10-23Bug 803600: Operators email address is exposed to anons on attachment deletionFrédéric Buclin2-10/+2
2012-10-19Bug 264721 - create READY state for bugs which have enough info/testcases to ↵Dave Lawrence1-0/+140
start work
2012-10-19Bug 531243: Bugzilla crashes on show_bug if it's hit while a custom field is ↵Frédéric Buclin1-1/+9
being added r=justdave a=LpSolit
2012-10-19Bug 780053: Oracle crashes when listing keywords or flags in buglistsDavid Taylor1-9/+13
r/a=LpSolit
2012-10-18Fix bare bugwords in remo budget request formByron Jones2-3/+3
https://bugzilla.mozilla.org/show_bug.cgi?id=795980
2012-10-18Bug 795980 - Changes in budget request formDave Lawrence1-32/+6
2012-10-18Bug 795980 - Changes in budget request formDave Lawrence3-105/+136
2012-10-17Bug 802451 - backport bug 704999 to bmo (GitHub URLs aren't working in the ↵Dave Lawrence3-0/+38
"Add Bug URLs" field)
2012-10-16Bug 577329 - WebServices should filter email addresses same as the web UI as ↵Dave Lawrence10-26/+53
users are not always required to login
2012-10-16Bug 799721: PostgreSQL 9.2 requires DBD::Pg 2.19.3Frédéric Buclin1-4/+5
r=glob a=LpSolit
2012-10-16Bug 800691: guided bug entry - thunderbird - default to Untriaged and remove ↵Byron Jones2-1/+20
General components
2012-10-14Bug 781314: The behavior of tags changedFrédéric Buclin1-11/+5
r=wicked a=LpSolit