summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-09-09Bug 671612: Send "X-Content-Type-Options: nosniff" with every responseMatt Selsky3-4/+5
r/a=LpSolit
2012-09-03Bug 786889: Add missing 'Summary (first 60 chars)' header to CSV outputMatt Tyson1-0/+1
r=glob, a=LpSolit
2012-08-30Bumped version post-releaseDave Lawrence1-1/+1
2012-08-30Bump version to 4.2.3Dave Lawrence2-3/+3
2012-08-30Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can ↵Reed Loden1-0/+2
lead to LDAP injection r/a=LpSolit
2012-08-30Bug 785522: [SECURITY] Block access to templates in extensions/Frédéric Buclin1-1/+1
r=glob a=LpSolit
2012-08-30Bug 731156: [Oracle] Adding or removing a DB column does not handle SERIAL ↵Frédéric Buclin2-29/+97
correctly r=dkl a=LpSolit
2012-08-30Bug 786351: Release notes for Bugzilla 4.2.3Frédéric Buclin1-0/+41
r=dkl a=LpSolit
2012-08-29Bug 772620: Ignore empty strings in the CC listFrédéric Buclin1-0/+2
r=dkl a=LpSolit
2012-08-29Bug 786310: Remove tokens when saving the default queryByron Jones1-0/+2
r= LpSolit, a=LpSolit
2012-08-29Fix more bustage caused by Bug 772953Byron Jones1-4/+6
2012-08-29Fix bustage caused by Bug 772953Byron Jones1-1/+4
2012-08-28Bug 772953: Remove the token from buglist urlsByron Jones4-3/+24
r=dkl, a=LpSolit
2012-08-27Bug 785917: Custom field descriptions are not properly escaped when ↵Frédéric Buclin2-2/+1
displayed as bug list column headers r=glob a=LpSolit
2012-08-26Bug 559539: [Oracle] whine.pl sets run_next incorrectly due to CURRENT_DATEDavid Taylor1-3/+5
r/a=LpSolit
2012-08-21Bug 783786: PostgreSQL databases can be created with the wrong encodingFrédéric Buclin1-0/+10
r=dkl a=LpSolit
2012-08-20Bug 698068: The "There is no saved search named ..." page has a "forget" linkFrédéric Buclin3-3/+3
r=glob a=LpSolit
2012-08-15Bug 771100: Unable to attach a file to a bug with perl 5.16Frédéric Buclin1-1/+1
r=dkl a=LpSolit
2012-08-12Bug 781059 part 2: -moz-border-radius is obsolete and must be replaced by ↵Frédéric Buclin1-1/+1
the standard border-radius CSS property
2012-08-08Bug 781059: -moz-border-radius is obsolete and must be replaced by the ↵Frédéric Buclin2-10/+10
standard border-radius CSS property r=reed a=LpSolit
2012-08-07Bug 780883 - s/fieldAutoComp/keywordAutoComp/ (fallout from bad 4.2 commit ↵Reed Loden1-1/+1
in bug 764517) [r=glob a=LpSolit]
2012-08-07Bug 779709: Don't allow searching on changes to private attachments or commentsSImon Green1-3/+36
r=glob, a=LpSolit
2012-08-06Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized ↵Frédéric Buclin3-3/+10
password reset e-mail request r=reed a=LpSolit
2012-08-03Bug 682317 - Bug.create is incorrectly documented as ignoring invalid ↵Koosha Khajeh Moogahi1-2/+3
fields; it should say it produces an error r=dkl, a=LpSolit
2012-08-03Bug 780028: Oracle crashes if a column listed in ORDER BY appears twice in ↵Frédéric Buclin1-4/+13
SELECT r=glob a=LpSolit
2012-07-30Bug 778226 - Add Mac OS 10.8 Mountain Lion detectionMatt Selsky1-0/+1
r=timeless, a=LpSolit
2012-07-27Bumped version post releaseDave Lawrence1-1/+1
2012-07-26Bump version to 4.2.2Dave Lawrence2-3/+3
2012-07-26Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information ↵Frédéric Buclin3-24/+35
about restricted bugs r=glob a=LpSolit
2012-07-26Bug 774625 - describecomponents.cgi - product category listing is not sortedMarkus Kolb1-1/+1
r=dkl, a=LpSolit
2012-07-26Bug 777555: Release notes for Bugzilla 4.2.2Frédéric Buclin1-0/+42
r=dkl a=LpSolit
2012-07-26Backout bug 768573 to fix bustageFrédéric Buclin4-6/+6
2012-07-25Bug 776103 - Syntax error in Bugzilla::User::Setting API docKoosha Khajeh Moogahi1-2/+2
r/a=LpSolit
2012-07-24Bug 753688: Classification doesn't work as z-axis on reportsFrédéric Buclin1-4/+14
r=glob a=LpSolit
2012-07-24Bug 764517: Don't automatically select the first keyword if the search ↵Byron Jones1-0/+3
string is empty r=dkl, a=LpSolit
2012-07-02Bug 553553 - We shouldn't be using terms.Bugzilla in the "please contribute" ↵Matt Selsky1-5/+6
message. r=Wurblzap, a=LpSolit
2012-06-29Bug 762783: Change dependent bugs to use POST when the url exceeds the url ↵Simon Green1-5/+21
length limit r=glob, a=LpSolit
2012-06-27Bug 768870: The "Un-forget the search" link has no tokenFrédéric Buclin1-1/+3
r=glob a=LpSolit
2012-06-26Bug 768573: Templates must INCLUDE bug/field.html.tmpl instead of PROCESS'ing itFrédéric Buclin4-6/+6
r=glob a=LpSolit
2012-06-21Bug 762785: Attachments are attached to the wrong comment when created by ↵A. Shimono1-1/+2
email_in.pl r/a=LpSolit
2012-06-09Bug 577014: [SINGLE|MULTIPLE]_SELECT custom fields with no new values, ↵Koosha Khajeh Moogahi1-0/+6
containing only the default value '---' and marked as mandatory, blocks the user to update/create a bug r/a=LpSolit
2012-06-08Bug 760075: Fix error thrown when an allwords search starts with or ends ↵Simon Green1-3/+3
with a space r=glob, a=LpSolit
2012-06-07Bug 761230: The server push page no longer displays all debug dataFrédéric Buclin1-9/+4
r=timello a=LpSolit
2012-05-29Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized ↵Reed Loden2-9/+16
setting of default search options [r=LpSolit a=LpSolit]
2012-05-29Bug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized ↵Reed Loden2-1/+5
use of "Set my default search back to the system default" [r=LpSolit a=LpSolit]
2012-05-29Bug 754561 - Escape HTML in keywords in the auto-complete formReed Loden1-0/+1
[r=LpSolit a=LpSolit]
2012-05-28Bug 756314: Fix dropping of unique matches when the "confirm page" page is ↵Byron Jones1-4/+4
display. r=LpSolit, a=LpSolit
2012-05-28Bug 754981: Add a link pointing to the bug itself in HTML bugmails when only ↵Koosha Khajeh Moogahi1-0/+1
a comment is added r/a=LpSolit
2012-05-24Bug 744691: Throw an error early when calling a method from a non-existent classByron Jones1-0/+1
r=dkl, a=LpSolit
2012-05-21Bug 754090: Bugzilla::FlagType::match() crashes when the group parameter is ↵Frédéric Buclin2-2/+15
not a number a=LpSolit