summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2016-05-04Bug 1269795 - [BMO] ImageMagick Is On Fire  (CVE-2016-3714)Dylan William Hardison2-139/+0
2016-05-03Bug 1269236 - Incorrect checking of API tokens possibly leads to CSRF and dat...Dylan Hardison1-9/+6
2016-05-02Add build.platform = linux64, machine.platform = linux64 to taskgraph.json to...David Lawrence1-4/+28
2016-04-28Bug 1256051 - Allow MozReview.attachments() to post mozreview-* tags without ...Dylan Hardison1-7/+14
2016-04-27Bug 1235514 - Change color of note regarding changed votesNikhil Handa2-10/+12
2016-04-27Bug 1225214 - Implement very simple request time loggingDylan Hardison1-0/+3
2016-04-22Bug 1195736 - intermittent internal error: "file error - nav_link: not found"...Dylan Hardison5-6/+22
2016-04-22Bug 1266167 - clickjacking is possible on "view all" and "details" attachment...David Lawrence2-2/+2
2016-04-21Bug 1239838 - Don't see a way to redirect a needinfo request (in Experimental...Byron Jones4-166/+225
2016-04-20Bug 1266117 - I have found a bug in the section 2.6.1 in the user guide(2.6) ...David Lawrence1-1/+1
2016-04-19Bug 1265432 - backport upstream bug 1263923 to bmo/4.2 - X-Bugzilla-Who head...David Lawrence1-1/+1
2016-04-13Revert "Bug 1195736 - intermittent internal error: "file error - nav_link: no...Dylan William Hardison3-13/+2
2016-04-13Bug 1264207 - add support for the hellosplat tracker to 'see also'Byron Jones3-0/+26
2016-04-13Bug 1195736 - intermittent internal error: "file error - nav_link: not found"...Dylan Hardison3-2/+13
2016-04-12Bug 1263520 - Cannot set r+ back to r? directlyDavid Lawrence2-2/+2
2016-04-07Bug 1260458 - search failing for users who are not members of the insider gro...David Lawrence1-1/+2
2016-04-04Bug 1259322 - Legal compliance / adding link to footerDavid Lawrence3-12/+23
2016-04-04Bug 1257662 - Disallow clearing a flag if the flag is set to allow granting b...David Lawrence4-8/+20
2016-04-04Bug 1197061 - don't create a new session for every authenticated XMLRPC/JSONR...David Lawrence1-0/+7
2016-03-30Bug 1260545 - Legal compliance / adding terms link to new BMO account flowDavid Lawrence1-0/+6
2016-03-25Bug 1253718 - CRM/Email request formDavid Lawrence3-0/+362
2016-03-24Bug 1259266 - Attachment of security issues when viewing a bug are indistingu...David Lawrence3-3/+15
2016-03-23Bug 1251236 - Please show the diff on the attachment details page when a patc...Byron Jones2-65/+86
2016-03-22Bug 1258547 - XSS through javascript: callback URLs in auth delegationDylan Hardison2-0/+7
2016-03-21Bug 1252782 - can't add a "See Also" to a Chromium bug on bugs.chromium.orgDavid Lawrence3-0/+51
2016-03-15Bug 1256954 - Multiple Selenium cases are failing after the commit of bug 125...David Lawrence1-1/+1
2016-03-15Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-0/+1
2016-03-15Bug 1229834 - extend information we [audit] log to the syslogDylan Hardison2-1/+16
2016-03-14Bug 1255272 - Adding a flag via the MozReview batch-attachment API doesn't CC...Dylan Hardison1-0/+3
2016-03-10Bug 1252578 - CSRF and SELECT-only SQL execution attack against query_databas...Dylan Hardison2-0/+2
2016-03-10Bug 1253914 - Cross domain referer leakage when resetting the user passwordDylan Hardison4-1/+8
2016-03-10Bug 1254227 - MozReview auth delegation allows sending out phishing mails via...Dylan Hardison4-3/+15
2016-03-10Bug 1254675 - bug_modal template fails to escape format parameterDavid Lawrence1-1/+1
2016-03-10Bug 1254542 - Reflected XSS in comment-remo-form-payment.txt pageDylan Hardison2-1/+2
2016-03-09Bug 1253483 - MozReview.attachments() doesn't create flags on new attachmentsDylan Hardison1-1/+7
2016-03-08Bug 1252554 - Avoid possibility of XSS in release tracking reportDylan Hardison1-3/+3
2016-03-08Bug 1252445 - Tracking flags configuration is vulnerable to CSRF and causes p...David Lawrence6-9/+24
2016-03-08Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-3/+4
2016-03-07Bug 1253691 - In issue-api-key.pl, set the MozReview API key if the descripti...Mark Côté1-2/+9
2016-03-07Bug 1252084 - Warning when entering row into user_request_log when running co...David Lawrence1-1/+2
2016-03-07Bug 1252862 - Remove calls to delete_token() in several places where it is un...David Lawrence3-4/+1
2016-03-03Bug 1252735 - test_email_preferences.t selenium test is intermittently failingDavid Lawrence1-1/+1
2016-03-03Bug 1252735 - selenium tests are failingDavid Lawrence1-0/+0
2016-03-03Bug 1253032 - Recent change to JSON::XS breaks some APIsDylan Hardison1-0/+1
2016-03-02Bug 1252628 - 404 on https://www.mozilla.org/en-US/quality/bug-writing-guidel...David Lawrence1-1/+1
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison1-1/+2
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison2-3/+6
2016-03-01Revert "Bug 1251208 - Bugzilla->request_cache() can be faster"Dylan William Hardison1-6/+29
2016-03-01Bug 1252210 - AntiSpam configuration is vulnerable to CSRF and persistent XSSDylan Hardison2-1/+8
2016-03-01Bug 1252216 - Push extension configuration is vulnerable to CSRF and potentia...David Lawrence3-0/+7