summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2011-08-04Bug 674497: (CVE-2011-2979) [SECURITY] Custom searches let you determine if ↵Frédéric Buclin1-2/+2
a group exists or not r=glob a=LpSolit
2011-08-04Bug 670868: (CVE-2011-2978) [SECURITY] Account preferences page trusts ↵Byron Jones1-1/+1
user-modifiable field for obtaining current e-mail address r/a=LpSolit
2011-08-04Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵Byron Jones3-30/+106
XSS on this domain in IE 6-8 and Safari r/a=LpSolit
2011-08-04Bug 660502: (CVE-2011-2977) [SECURITY] Temporary files for uploaded ↵Frédéric Buclin1-1/+4
attachments are not deleted on Windows r=glob a=LpSolit
2011-08-04Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵Frédéric Buclin6-68/+133
creating or editing a bug r=mkanat a=LpSolit
2011-08-04Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment ↵Reed Loden2-1/+4
containing newline are corrupt [r=LpSolit a=LpSolit]
2011-08-04Fix bustage due to bug 660382Frédéric Buclin1-4/+0
2011-08-04Bug 676237: The traceback in code-error.html.tmpl is displayed on a single lineFrédéric Buclin1-1/+1
r=glob a=LpSolit
2011-08-04Bug 674554 - Add new template hook in request/email.txt.tmpl called ↵David Lawrence1-0/+3
'after_summary' r/a=mkanat
2011-08-04Bug 676200: We shouldn't manually delete obsolete parameters in ↵Frédéric Buclin1-17/+13
Bugzilla::Config::update_params(), else they are not saved in old-params.txt r/a=mkanat
2011-08-03Bug 660382: Hide the complex features of custom search by defaultMax Kanat-Alexander2-15/+43
r=dkl, a=mkanat
2011-08-03Fix a warning thrown when running 011pod.tFrédéric Buclin1-1/+1
2011-08-03Bug 655910: When calling ./install-module.pl --all, install LWP before ↵Frédéric Buclin1-6/+6
XML::Twig, else arguments passed to build XML::Twig are propagated to Net::HTTP which then fails r/a=mkanat
2011-08-03Bug 675754: Release notes for Bugzilla 4.0.2Frédéric Buclin1-0/+42
r/a=mkanat
2011-08-01Bug 634812: Having a very large number of custom fields can make displaying ↵Frédéric Buclin5-25/+31
show_bug.cgi slow r=glob a=LpSolit
2011-08-01Bug 674574: When all components or versions are disabled, you cannot enter ↵Frédéric Buclin2-11/+16
bugs into the product but it's listed in enter_bug.cgi anyway r=dkl a=LpSolit
2011-07-31Bug 673702: Undefined get_add_fk_sql in Bugzilla/DB/Schema.pmBodo-Merle Sandor1-2/+2
r/a=mkanat
2011-07-31Bug 655912: install-module.pl is unable to install LWP::UserAgent on Perl ↵Frédéric Buclin1-1/+13
<5.8.8, because LWP 6.0 now requires 5.8.8 as a minimum r/a=mkanat
2011-07-26Bug 285466: Add documentation for --regenerate option to collectstats.plFrédéric Buclin2-16/+48
r=gerv a=LpSolit
2011-07-26Bug 673976: Style for #somebugs is duplicated in create-guided.html.tmplFrédéric Buclin1-0/+2
r=glob a=LpSolit
2011-07-26Bug 647158: The Error Console in Firefox reportsFrédéric Buclin4-77/+60
"unbalanced tree was written using document.write()" when reporting a new bug or when visiting the "User Authentication" panel in the Parameters page r=glob a=LpSolit
2011-07-26Bug 674089: Add a new hook 'end_object_name' in user-error.html.tmpl templateTiago Mello1-0/+1
r/a=mkanat
2011-07-26Bug 674117: Add a new hook 'auth_failure_object' in user-error.html.tmpl ↵Tiago Mello1-0/+2
template r/a=mkanat
2011-07-25Remove an extra comma which makes the W3C CSS validator to complain (+ some ↵Frédéric Buclin1-2/+2
unrelated whitespace cleanup) r=wicked on IRC
2011-07-25Bug 673956: Remove obsolete panel.css (it was only used by sidebar.cgi, ↵Frédéric Buclin1-37/+0
which is gone) r=glob a=LpSolit
2011-07-25Bug 642388: Description of field days_elapsed missing from ↵Frédéric Buclin2-0/+2
global/field-descs.none.tmpl r=wurblzap a=LpSolit
2011-07-25Bug 673819: Remove browser-specific values for the white-space CSS elementFrédéric Buclin1-6/+1
r=glob a=LpSolit
2011-07-25Bug 589128: Adds a preference allowing users to choose between text or htmlByron Jones14-23/+44
for bugmail. r=LpSolit, a=LpSolit
2011-07-25Bug 652663 - When using bug_format_comment hook some replacements can happen ↵David Lawrence1-2/+4
more than once causing broken links r/a=LpSolit
2011-07-22Bug 670670 - New hook for requests.cgi that allows for additional links ↵David Lawrence1-1/+4
after attachment descriptions. r/a=mkanat
2011-07-20Bug 600810: Use XMLRPC::Transport::HTTP:Apache as base class under mod_perlTeemu Mannermaa1-1/+5
r/a=mkanat
2011-07-20Bug 669223: Add a new hook 'before_table' in list-classifications.html.tmpl ↵Tiago Mello1-0/+2
template r/a=mkanat
2011-07-19Bug 643890: Use Apache's ErrorLog when using mod_perl/vhostsChristian Ruppert1-0/+5
r=mkanat, a=mkanat
2011-07-19Bug 671964: Move old field names conversion from do_search_functionTiago Mello1-7/+6
to _handle_chart(). r/a=mkanat
2011-07-18Bug 672173: Calling collectstats.pl with arguments passes the first argument ↵Frédéric Buclin1-1/+1
to some SQL statements r=gerv a=LpSolit
2011-07-18Bug 670906 - Make it so delta_ts is only updated when there are changes. Fix ↵Gervase Markham1-1/+1
regression from bug 620827. r=timello, a=lpsolit.
2011-07-18Bug 561170: Date validations are done in the wrong order, generating ↵Frédéric Buclin1-6/+6
unwanted warnings r=dkl a=LpSolit
2011-07-18Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵Frédéric Buclin2-1/+5
the rest of the scripts to be executed r=dkl a=LpSolit
2011-07-18Bug 662883: email_in.pl should ignore "out of the office" auto-reply emailsFrédéric Buclin1-0/+8
r/a=mkanat
2011-07-08Bug 670169 - Escape '>' in js filterReed Loden1-0/+1
[r=LpSolit a=LpSolit]
2011-07-06Bug 652410 - 500+ consecutive lines of markup whitespace in show_bug.cgi ↵David Lawrence1-6/+6
flags table, depending on flag states r/a=LpSolit
2011-07-05Bug 658929 - User autocomplete is very slow when there are lots of users in ↵David Lawrence9-14/+54
the profiles table r/a=mkanat
2011-07-05Bug 666695 - Voting Extension templates have unfiltered directivesDavid Lawrence3-12/+12
r/a=mkanat
2011-07-05Bug 666699 - Example extension templates have unfiltered directivesDavid Lawrence2-2/+2
r/a=mkanat
2011-07-04Bug 616679: A user with local editcomponents privs should be able to set the ↵Frédéric Buclin2-5/+20
grant and request groups to groups the user belongs to only a=LpSolit
2011-07-01Revert wrong indentation, see bug 652427Frédéric Buclin1-1/+1
2011-06-29Bug 652427: Going back to the new bug page loses the description if possible ↵Guy Pyrzak4-5/+8
duplicates have been searched for r=mkanat, r=mkanat
2011-06-28Bug 666781 - t/008filter.t should not require filterexceptions.pl when one ↵David Lawrence1-9/+7
does not exist especially with extensions r/a=mkanat
2011-06-24Bug 652444 - Voting for bugs where the product allows only one vote per bug ↵David Lawrence1-2/+9
but that isn't clear in the voting form or help r/a=LpSolit
2011-06-23Bug 658547 - The link for new attachments in bugmail should point to the ↵David Lawrence1-1/+1
"Edit" page rather than to the attachment content itself r/a=LpSolit