summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2014-10-06Bump version to 4.2.11David Lawrence2-3/+3
2014-10-06Bug 1054702: CSV export vulnerable to formulae injectionSimon Green2-4/+8
2014-10-06Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients ...Simon Green3-18/+38
2014-10-06Bug 1074980: Forbid the { foo => $cgi->param() } syntax to prevent data overrideFrédéric Buclin1-1/+32
2014-10-06Bug 1075578: [SECURITY] Improper filtering of CGI argumentsFrédéric Buclin11-50/+52
2014-10-06Bug 1072492: Release notes for 4.2.11David Lawrence1-0/+6
2014-07-24Bump version post-releaseDavid Lawrence2-4/+2
2014-07-24Bump to version 4.2.10 (corrected)David Lawrence2-0/+2
2014-07-24Bug 1036213 - (CVE-2014-1546) add '/**/' before jsonrpc.cgi callback to avoid...Simon Green1-2/+3
2014-07-24Bump version to 4.2.10David Lawrence2-3/+3
2014-07-24Bug 1042088 - Release notes for 4.2.10David Lawrence1-0/+6
2014-05-15Bug 1011250 - Updates IRC notification text to include commit message and als...David Lawrence1-4/+9
2014-05-15Bug 983275 - Switch Bugzilla's CI testing from Tinderbox to travis-ciDavid Lawrence1-1/+1
2014-05-14Bug 983275 - Switch Bugzilla's CI testing from Tinderbox to travis-ciDavid Lawrence1-1/+1
2014-05-08Bug 983275 - Switch Bugzilla's CI testing from Tinderbox to travis-ciDavid Lawrence1-0/+6
2014-05-07Bug 983275 - Switch Bugzilla's CI testing from Tinderbox to travis-ciDavid Lawrence1-7/+5
2014-05-02Bug 995209 - Create a Build.PL script using Module::Build for testing/install...David Lawrence1-1/+1
2014-05-02Bug 983275 - Switch Bugzilla's CI testing from Tinderbox to travis-ciDavid Lawrence1-0/+39
2014-05-01Bug 995209 - Create a Build.PL script using Module::Build for testing/install...David Lawrence2-0/+114
2014-04-21Bumped version post-releaseDavid Lawrence2-2/+2
2014-04-19Bump version to 4.2.9David Lawrence2-3/+3
2014-04-18Bug 998484: Release notes for Bugzilla 4.2.9Frédéric Buclin1-0/+7
2014-04-18Bug 998323 - URLs pasted in comments are no longer displayedDavid Lawrence1-14/+11
2014-04-17Bumped version post-releaseDavid Lawrence2-2/+2
2014-04-17Bump version to 4.2.8David Lawrence2-4/+4
2014-04-17Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla textManish Goregaokar4-2/+17
2014-04-15Bug 996168: Release notes for Bugzilla 4.2.8Frédéric Buclin1-0/+31
2014-03-14Copied over .bzrignore to .gitignoreDavid Lawrence1-0/+32
2013-12-21Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using...Frédéric Buclin1-1/+1
2013-12-05Bug 942599: Documentation about possible_duplicates() lists 'products' as arg...Frédéric Buclin1-1/+1
2013-12-02Bug 938300: vers_cmp() incorrectly compares module versionsFrédéric Buclin1-15/+14
2013-12-02Bug 781672: checksetup.pl fails to check the version of the latest Apache2::S...Frédéric Buclin1-2/+9
2013-11-14Bug 938161: sql_date_format() method for SQLite has an incorrect default formatFrédéric Buclin1-1/+1
2013-11-13Bug 843457: PROJECT environment variable is not honored when mod_perl is enabledFrédéric Buclin1-3/+11
2013-10-17Bump version post-releaseDave Lawrence1-1/+1
2013-10-16Bump version to 4.2.7Dave Lawrence2-3/+3
2013-10-16Bug 924932: (CVE-2013-1743) [SECURITY] Field values are (still) not escaped c...Frédéric Buclin1-14/+24
2013-10-16Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not sanit...Frédéric Buclin2-5/+3
2013-10-16Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachmentsFrédéric Buclin1-8/+11
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ...Dave Lawrence1-1/+1
2013-10-16Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ...Dave Lawrence1-3/+3
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ...Dave Lawrence3-8/+24
2013-10-12Bug 912640: Release notes for Bugzilla 4.2.7Frédéric Buclin1-0/+30
2013-09-27Bug 914262: KHTML-based browsers such as Konqueror do not support the Server-...Frédéric Buclin1-1/+1
2013-09-23Bug 919475: [Oracle] Crash when non-mandatory free text custom fields are lef...Jiří Netolický1-0/+4
2013-09-03Bug 848063: [Oracle] importxml.pl fails with ORA-01830: comment timestamps ar...Mateusz Kuśmierczyk1-1/+1
2013-08-10Back out bug 868330 for the 4.2 branch. This is not a security fixFrédéric Buclin2-13/+4
2013-08-09Bug 902515: Internet Explorer 11 receives multipart/x-mixed-replace content f...Frédéric Buclin1-1/+1
2013-08-09Bug 868330 - Password creation directions incompleteSunil Joshi2-4/+13
2013-08-09Bug 897264 - letters_numbers_specialchars password restriction is incorrectSimon Green2-16/+16
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-11-13 18:19:36 +0100