summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2013-10-16Bump version to 4.5.1Dave Lawrence2-4/+4
2013-10-16Bug 924932: (CVE-2013-1743) [SECURITY] Field values are not escaped correctly...Frédéric Buclin1-14/+24
2013-10-16Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not sanit...Frédéric Buclin2-5/+3
2013-10-16Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachmentsFrédéric Buclin1-7/+10
2013-10-16Bug 911593: (CVE-2013-1733) [SECURITY] CSRF in process_bug.cgiFrédéric Buclin1-11/+12
2013-10-16Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ...Dave Lawrence1-3/+3
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ...Dave Lawrence2-5/+20
2013-10-16Bug 912641: Release notes for Bugzilla 4.4.1Frédéric Buclin1-2/+45
2013-10-15Bug 917370: large dependency trees are very slow to loadByron Jones1-43/+66
2013-10-14Bug 340160: Speed up LogActivityEntry()Frédéric Buclin1-5/+6
2013-10-14Backout 1st part of bug 340160: state $sth doesn't work fine with mod_perlFrédéric Buclin1-6/+5
2013-10-11Fixes on checkin for bug 769134Frédéric Buclin2-11/+8
2013-10-11Bug 916254 - Bug.get should include the name for reporter, assigned_to and qa...Frank Becker1-0/+57
2013-10-01Bug 919852 - Add ability to perform quicksearch using Bug.searchDave Lawrence2-37/+53
2013-09-30Bug 864625 - Setting a non-privileged user as a requestee on a secure bug whi...Dave Lawrence1-6/+14
2013-09-28Bug 891311: Text in the "My Requests" page is misleading about how the AND/OR...Frédéric Buclin2-34/+36
2013-09-28Bug 798927: An error should be thrown when passing an illegal pronounImran Chaudhry2-1/+9
2013-09-28Bug 340160: Speed up LogActivityEntry()Frédéric Buclin2-14/+10
2013-09-28Bug 851267: Bugzilla times out when a user has several thousands of votesFrédéric Buclin3-96/+93
2013-09-26Bug 917483 - Bug.update_attachment causes error when updating filename using ...Dave Lawrence1-6/+19
2013-09-26Bug 784072 (2nd part): Exclude extensions from POD coverage checksFrédéric Buclin1-0/+2
2013-09-26fix bustage due to bug 891236: it doesn't pass t/002goodperl.tFrédéric Buclin1-1/+3
2013-09-26Bug 920787: The "Flags:" label in bug reports is badly alignedFrédéric Buclin2-8/+2
2013-09-26Bug 917669 - invalid or expired authentication tokens and cookies should thro...Dave Lawrence5-14/+41
2013-09-26Bug 893589 - 004template.t fails when templates in extension directorySimon Green3-14/+26
2013-09-26Bug 769134 - Bugzilla unintentionally removes groups when changing products w...Simon Green2-13/+62
2013-09-26Bug 714523 - editversions.cgi should use ->set_allSunil Joshi2-7/+9
2013-09-26Bug 621216 - Don't call GetQuip() if the user doesn't want quipsSunil Joshi1-1/+4
2013-09-25Bug 455301: Don't show password box on userprefs.cgi if your auth method didn...Dirk Steinmetz1-15/+19
2013-09-24Temporary fix for bug 916882: whitelist product and component when used with ...Frédéric Buclin1-1/+4
2013-09-23Bug 919475: [Oracle] Crash when non-mandatory free text custom fields are lef...Jiří Netolický1-0/+4
2013-09-23Bug 918647: "Use of uninitialized value" warnings when using quicksearchByron Jones1-1/+5
2013-09-20Bug 918362 - The "order" parameter passed to Bug.search is ignoredDave Lawrence1-4/+4
2013-09-19Bug 897510 - Create and Modify User Screen must also contain password rules a...Sunil Joshi1-1/+8
2013-09-19Bug 373820 - View User Account Log should include real nameSunil Joshi1-1/+1
2013-09-19Bug 368541 - Make it obvious that the bug alias is not part of the bug summarySunil Joshi1-2/+2
2013-09-19Bug 365501 - admin/products/groupcontrol/updated uses p as brSunil Joshi1-7/+19
2013-09-19Bug 332034 - Add New Attachment as an option for attachment.cgi when we are n...Sunil Joshi1-2/+8
2013-09-18Bug 578434 - Bug group checkboxes lay out poorly beside attachment fieldDave Lawrence4-78/+64
2013-09-18Bug 578434 - Bug group checkboxes lay out poorly beside attachment field Dave Lawrence4-64/+78
2013-09-18Bug 916979 - Bug.search ignores the "limit" parameterDave Lawrence2-10/+6
2013-09-18fix typo in commentByron Jones1-1/+1
2013-09-18Bug 877545: quicksearch shouldn't treat apostrophes as quote charactersByron Jones1-6/+27
2013-09-17Bug 916935 - Add Access-Control-Allow-Headers to REST API to indicate which H...Dave Lawrence1-0/+1
2013-09-16Fix POD (bogus in bug 866927)Frédéric Buclin1-3/+3
2013-09-16Bug 785565: Search by change history between two dates doesn't give expected ...Frédéric Buclin1-35/+14
2013-09-13Bug 914986 - Create Bug.update_attachment to update attachments via RPC/RESTSimon Green3-4/+242
2013-09-12Bug 911509: SOAP::Lite 1.0 no longer includes XMLRPC::LiteFrédéric Buclin1-0/+10
2013-09-10Bug 914262: KHTML-based browsers such as Konqueror do not support the Server-...Frédéric Buclin1-1/+1
2013-09-09Bug 914196 - Documentation for User.login should state cookies not used for J...Dave Lawrence1-1/+3