summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2013-10-18adjust version to 4.2.7+Byron Jones1-1/+1
2013-10-17Bug 912661 - backport upstream bug 911593 to bmo/4.2 for csrf security fix ↵Dave Lawrence1-3/+2
in process_bug.cgi r=glob
2013-10-17Revert for now Bug 887117 - Move the compiled template cache dir to a ↵Dave Lawrence3-3/+1
directory in the document root to avoid storing on NFS
2013-10-17Bug 887117 - Move the compiled template cache dir to a directory in the ↵Dave Lawrence3-1/+3
document root to avoid storing on NFS r=glob
2013-10-17merged with bugzilla/4.2Dave Lawrence11-41/+98
2013-10-17Bug 927736: "invalid token" error if someone else changes the CC list while ↵Byron Jones1-11/+11
viewing a bug
2013-10-17add missing input imageByron Jones1-0/+0
2013-10-17Bug 927741: whines are throwing sql errors on stage (Unknown column ↵Byron Jones1-10/+1
'map_product.classification_id')
2013-10-17Bug 927570: mid-air conflict fails to check all changed fieldsByron Jones1-2/+4
2013-10-16Bump version to 4.2.7Dave Lawrence2-3/+3
2013-10-16Bug 924932: (CVE-2013-1743) [SECURITY] Field values are (still) not escaped ↵Frédéric Buclin1-14/+24
correctly in tabular reports r=dkl a=glob
2013-10-16Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not ↵Frédéric Buclin2-5/+3
sanitized when editing flag types if categoryAction-foo is set r=dkl a=glob
2013-10-16Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachmentsFrédéric Buclin1-8/+11
r=dkl a=sgreen
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵Dave Lawrence1-1/+1
and allowing easier brute force r=LpSolit,a=sgreen
2013-10-16Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ↵Dave Lawrence1-3/+3
total entropy and allowing easier brute force r=LpSolit,a=sgreen
2013-10-16Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵Dave Lawrence3-8/+24
and allowing easier brute force r=LpSolit,a=glob
2013-10-16Bug 926109: Error when searching for many columns at once (MariaDB can only ↵Byron Jones4-12/+83
use 61 tables in a join)
2013-10-16Bug 927039: Typo in mozilla skin's global.cssByron Jones1-1/+0
2013-10-16Bug 926641: Release tracking report broken since 12-Oct BMO maintenanceDave Lawrence1-6/+11
2013-10-16Bug 927026: searching for an unset tracking flag is failing againByron Jones2-22/+0
2013-10-15fix default permissions on migrate-github-pull-requests.plByron Jones1-0/+0
2013-10-15Bug 916906: attaching a file which just contains a github url should ↵Byron Jones5-2/+159
automatically redirect to it when viewing
2013-10-15Bug 926842: unable to change status and tracking flag values once they are setByron Jones1-4/+2
2013-10-15Bug 917370: large dependency trees are very slow to loadByron Jones1-42/+65
2013-10-15Bug 926764: Use of uninitialized value in string eq at ↵Byron Jones1-1/+2
extensions/TrackingFlags/Extension.pm line 412
2013-10-15Bug 926557: searching for tracking flags is broken for negated terms where ↵Byron Jones1-1/+1
values are unset, breaking the leo+ b2g triage query
2013-10-15Bug 926118 - tracking flags are being cleared when making a change to a bug ↵Dave Lawrence1-8/+27
using the webservice api after tracking flag migration r=glob
2013-10-14Bug 926272: searching for an unset tracking flag fails since BMO upgradeByron Jones2-1/+22
2013-10-14Bug 926241: Multiple lock wait timeout exceeded errors on the bugs_activity ↵Byron Jones1-7/+5
table
2013-10-13Bug 926109 - Bugzilla has suffered an internal error while retrieving many ↵Dave Lawrence1-1/+10
columns at once
2013-10-13Bug 926118 - tracking flags are being cleared when making a change to a bug ↵Dave Lawrence1-1/+2
using the webservice api after tracking flag migration
2013-10-13Bug 926142 - Can't call method "is_active" on unblessed reference when ↵Dave Lawrence1-0/+6
loading certain bugs that have flags set but are no longer visible
2013-10-12Bug 912640: Release notes for Bugzilla 4.2.7Frédéric Buclin1-0/+30
r=dkl a=LpSolit
2013-10-11Bug 880829 - Migrate current custom field based tracking flags to the new ↵Dave Lawrence17-472/+450
Tracking Flags extension tables r=glob
2013-10-11merged with bugzilla/4.2Dave Lawrence2-1/+5
2013-10-11Bug 920026: Schema changes only for bug 920026Byron Jones1-6/+13
2013-10-01Bug 921860 - Use 64px gravatar for retina display supportDave Lawrence2-1/+1
r=glob
2013-10-01Bug 922705: firefox os beta program form shows an error message after the ↵Byron Jones1-0/+0
bug is created
2013-10-01Bug 922628 - Bugzilla web bounty form sets the wrong flagDave Lawrence1-1/+1
2013-09-30Bug 922310 - backport upstream bug 891311 to bmo/4.2 to make request.cgi ↵Dave Lawrence1-27/+31
more intuitive relating to search
2013-09-30 Bug 922304 - backport upstream bug 340160 to bmo/4.2 for performance ↵Dave Lawrence1-5/+7
improvement in recording bug activity
2013-09-30Bug 922246 - backport upstream bug 851267 to bmo/4.2 for performance ↵Dave Lawrence3-96/+94
improvement with large number of votes
2013-09-30Bug 864625 - Setting a non-privileged user as a requestee on a secure bug ↵Dave Lawrence1-6/+14
while ccing the same user to give access at the same time fails
2013-09-27Revert Bug 917669 - invalid or expired authentication tokens and cookies ↵Dave Lawrence5-41/+14
should throw errors, not be silently ignored
2013-09-27Bug 921133: Bugzilla has started to show some CC changes by defaultByron Jones1-1/+1
2013-09-27Bug 914262: KHTML-based browsers such as Konqueror do not support the ↵Frédéric Buclin1-1/+1
Server-Push technology r=dkl a=justdave
2013-09-27Bug 915685 - backport upstream bug 914986 and bug 917483 to bmo/4.2 for ↵Dave Lawrence4-5/+267
allowing attachment metadata editing in webservice API
2013-09-26Bug 921082 - Ember.create API sometimes doesn't return field valuesDave Lawrence2-2/+4
2013-09-26Bug 917669 - invalid or expired authentication tokens and cookies should ↵Dave Lawrence5-14/+41
throw errors, not be silently ignored
2013-09-26fix issue with needinfo names from bug 919376Byron Jones1-2/+2