summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2012-01-31(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can le...Frédéric Buclin2-1/+18
2012-01-31Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email a...Frédéric Buclin4-7/+5
2012-01-31Bug 714446: Product.create default behavior is broken and inconsistent with PODFrédéric Buclin1-17/+29
2012-01-27Bug 720756 - Update release notes for Bugzilla 4.2rc2Dave Lawrence1-4/+8
2012-01-27Bug 721715: URLs in the See Also field must be detainted before inserted into...Frédéric Buclin1-4/+3
2012-01-26Fix bustage due to bug 715514.Tiago Mello1-1/+1
2012-01-25Bug 717217: The regexp in Bugzilla::BugUrl::JIRA::should_handle() isn'tSimon Green1-1/+1
2012-01-25Bug 715514: Fix showdependencytree misleading in "hide resolved" viewMatt Selsky1-2/+2
2012-01-24Bug 718183: Rename duplicated series names before inserting the new index in ...Frédéric Buclin1-0/+31
2012-01-24Bug 715870: [Oracle] Related sequences and triggers must be removed when drop...Frédéric Buclin1-1/+19
2012-01-24Bug 633061: Require Apache2::SizeLimit 0.96 for proper operation on LinuxMax Kanat-Alexander2-5/+5
2012-01-21Bug 469068: SMTP parameters not documentedMatt Selsky1-0/+62
2012-01-18Bug 718905: Move user_preferences hook up, before other actions in userprefs.cgiTiago Mello1-8/+10
2012-01-12Bug 715731 - profile_search.user_id should have a FK pointing to profiles.useridDave Lawrence1-1/+4
2012-01-12Bug 717215: Remove references to url_quote filterSimon Green2-5/+1
2012-01-12Bug 715902: Do not log personal common activities in audit_logFrédéric Buclin8-3/+23
2012-01-11Bug 717210: If all attachments are stored locally (maxattachmentsize = 0, max...Simon Green2-3/+3
2012-01-11Bug 591638: In the admin page, the link to edit field values is named 'Field ...A. Shimono1-1/+1
2012-01-11Bug 715650 - User auto-completion does not work in request.cgi for requester ...Dave Lawrence1-1/+2
2012-01-11Bug 716227: When checksetup.pl tells the admin that he should edit variables ...Frédéric Buclin2-9/+14
2012-01-10Bug 716283: Clickjacking in the attachment "Details" page allows to bypass to...Frédéric Buclin2-0/+13
2012-01-06Bug 706753 about JSON::RPC 1.01 is now fixedFrédéric Buclin1-4/+0
2012-01-06Bug 695294: The See Also field is not visible in "Format for Printing"Matt Selsky1-0/+12
2012-01-06Bug 319684: The documentation is unclear about how to disable quipsMatt Selsky1-7/+12
2012-01-06Bug 641957: The documentation should mention that the voting system is now an...Matt Selsky1-0/+5
2012-01-06Bug 715705: User auto-completion doesn't work for watched users in the email ...Frédéric Buclin1-1/+2
2012-01-06Bug 714664: The content of the "emailregexpdesc" parameter is not escaped whe...Frédéric Buclin2-2/+2
2012-01-05Bug 706753: Bugzilla will not work with newest version of JSON::RPC 1.01 due ...Frédéric Buclin1-1/+12
2011-12-29Bump the version number post-releaseDave Lawrence1-1/+1
2011-12-29Bump version for 4.2rc1Dave Lawrence2-3/+3
2011-12-28Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebSer...Frédéric Buclin5-46/+51
2011-12-28Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or tabula...Byron Jones2-3/+3
2011-12-28user_autocompletion -> ajax_user_autocompletionFrédéric Buclin1-1/+1
2011-12-28Bug 713346: Release notes for Bugzilla 4.2rc1Frédéric Buclin2-3418/+4037
2011-12-28Bug 713144: The SQL query to remove older searches from the profile_search ta...Frédéric Buclin1-6/+8
2011-12-26Bug 683644: Foreign keys aren't renamed correctly when DB tables are renamedFrédéric Buclin7-30/+121
2011-12-19Bug 711925: Update from 4.0 or older to 4.2 or trunk fails when bug_see_also ...Frédéric Buclin2-2/+2
2011-12-17Fix bustage due to bug 705474Frédéric Buclin1-0/+1
2011-12-16Last Comment Bug 685611 - delta_ts is updated even when no changes are made t...Dave Lawrence3-3/+35
2011-12-15Bug 707428: Custom field values whose visibility depends on another field val...Frédéric Buclin1-1/+1
2011-12-13Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible unauthor...Reed Loden3-2/+13
2011-12-09Bug 644281: When the sort order of a buglist is modified, the "Show next bug ...Frédéric Buclin2-31/+25
2011-12-08Bug 707170: Several features about custom fields are missing in the documenta...Frédéric Buclin1-7/+50
2011-12-06Bug 657290: Bug.add_attachment() stores truncated timestamps in the DB (secon...Frédéric Buclin1-1/+4
2011-12-05Bug 692354: Incorrect parameter type in WebServices documentation for Bug.add...Matt Selsky1-1/+1
2011-12-05Bug 422256: email_in.pl should send an email if user matching fails or return...Albert Ting1-5/+14
2011-12-05Bug 577854: URL field header caption does not link to field value description...Matt Selsky2-10/+7
2011-12-05Forgot to fix all occurences of $cache->{search_columns}->{$user->id}, see bu...Frédéric Buclin1-2/+2
2011-12-05Bug 550299: User fields are left blank in buglists and whines when local user...Frédéric Buclin5-40/+24
2011-12-05Bug 707594: Fix broken account lockout notificationsByron Jones1-1/+2