summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2011-08-16Bug 582209: Bugzilla::DB::Oracle::adjust_statement() LIMIT code corrupts ↵Frédéric Buclin1-14/+11
sub-selects r/a=mkanat
2011-08-16Bug 460074: Make post_bug.cgi use should_set for array fields, so theyMax Kanat-Alexander2-3/+7
are undef in Bugzilla::Bug->create if not passed to post_bug. This fixes a bug with the guided bug form creating bugs without any groups. r=LpSolit, a=mkanat
2011-08-15Bug 537759: The "Description" field for attachments should be highlighted as ↵Kent Rogers1-2/+3
being mandatory r/a=LpSolit
2011-08-15Bug 678959: Make GenerateUniqueToken work for all tablesByron Jones1-1/+1
r=LpSolit, a=LpSolit
2011-08-10Bug 677187: If the attachment filename contains a newline, an error is ↵Frédéric Buclin2-5/+10
thrown when trying to download the attachment r/a=mkanat
2011-08-06Bump version number post-release.Max Kanat-Alexander1-1/+1
2011-08-05Bug 676430: When editing a bug, a user not in the timetracking group ↵Frédéric Buclin1-1/+1
generates "Use of uninitialized value in abs at Bugzilla/Bug.pm line 2682" in the web server error log r/a=mkanat
2011-08-05Bump version for 4.1.3.Max Kanat-Alexander2-3/+3
https://bugzilla.mozilla.org/show_bug.cgi?id=660531
2011-08-05Bug 658407: Make Bugzilla not use Math::Random::Secure anymore, due to theMax Kanat-Alexander6-37/+259
difficulty of installing its dependencies. Instead move the code directly into Bugzilla itself. r=LpSolit, r=glob, a=mkanat
2011-08-04Bug 674497: (CVE-2011-2979) [SECURITY] Custom searches let you determine if ↵Frédéric Buclin1-2/+2
a group exists or not r=glob a=LpSolit
2011-08-04Bug 670868: (CVE-2011-2978) [SECURITY] Account preferences page trusts ↵Byron Jones1-1/+1
user-modifiable field for obtaining current e-mail address r/a=LpSolit
2011-08-04Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵Byron Jones3-30/+106
XSS on this domain in IE 6-8 and Safari r/a=LpSolit
2011-08-04Bug 660502: (CVE-2011-2977) [SECURITY] Temporary files for uploaded ↵Frédéric Buclin1-1/+4
attachments are not deleted on Windows r=glob a=LpSolit
2011-08-04Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵Frédéric Buclin6-68/+133
creating or editing a bug r=mkanat a=LpSolit
2011-08-04Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment ↵Reed Loden2-1/+4
containing newline are corrupt [r=LpSolit a=LpSolit]
2011-08-04Fix bustage due to bug 660382Frédéric Buclin1-4/+0
2011-08-04Bug 676237: The traceback in code-error.html.tmpl is displayed on a single lineFrédéric Buclin1-1/+1
r=glob a=LpSolit
2011-08-04Bug 674554 - Add new template hook in request/email.txt.tmpl called ↵David Lawrence1-0/+3
'after_summary' r/a=mkanat
2011-08-04Bug 676200: We shouldn't manually delete obsolete parameters in ↵Frédéric Buclin1-17/+13
Bugzilla::Config::update_params(), else they are not saved in old-params.txt r/a=mkanat
2011-08-03Bug 660382: Hide the complex features of custom search by defaultMax Kanat-Alexander2-15/+43
r=dkl, a=mkanat
2011-08-03Fix a warning thrown when running 011pod.tFrédéric Buclin1-1/+1
2011-08-03Bug 655910: When calling ./install-module.pl --all, install LWP before ↵Frédéric Buclin1-6/+6
XML::Twig, else arguments passed to build XML::Twig are propagated to Net::HTTP which then fails r/a=mkanat
2011-08-03Bug 675754: Release notes for Bugzilla 4.0.2Frédéric Buclin1-0/+42
r/a=mkanat
2011-08-01Bug 634812: Having a very large number of custom fields can make displaying ↵Frédéric Buclin5-25/+31
show_bug.cgi slow r=glob a=LpSolit
2011-08-01Bug 674574: When all components or versions are disabled, you cannot enter ↵Frédéric Buclin2-11/+16
bugs into the product but it's listed in enter_bug.cgi anyway r=dkl a=LpSolit
2011-07-31Bug 673702: Undefined get_add_fk_sql in Bugzilla/DB/Schema.pmBodo-Merle Sandor1-2/+2
r/a=mkanat
2011-07-31Bug 655912: install-module.pl is unable to install LWP::UserAgent on Perl ↵Frédéric Buclin1-1/+13
<5.8.8, because LWP 6.0 now requires 5.8.8 as a minimum r/a=mkanat
2011-07-26Bug 285466: Add documentation for --regenerate option to collectstats.plFrédéric Buclin2-16/+48
r=gerv a=LpSolit
2011-07-26Bug 673976: Style for #somebugs is duplicated in create-guided.html.tmplFrédéric Buclin1-0/+2
r=glob a=LpSolit
2011-07-26Bug 647158: The Error Console in Firefox reportsFrédéric Buclin4-77/+60
"unbalanced tree was written using document.write()" when reporting a new bug or when visiting the "User Authentication" panel in the Parameters page r=glob a=LpSolit
2011-07-26Bug 674089: Add a new hook 'end_object_name' in user-error.html.tmpl templateTiago Mello1-0/+1
r/a=mkanat
2011-07-26Bug 674117: Add a new hook 'auth_failure_object' in user-error.html.tmpl ↵Tiago Mello1-0/+2
template r/a=mkanat
2011-07-25Remove an extra comma which makes the W3C CSS validator to complain (+ some ↵Frédéric Buclin1-2/+2
unrelated whitespace cleanup) r=wicked on IRC
2011-07-25Bug 673956: Remove obsolete panel.css (it was only used by sidebar.cgi, ↵Frédéric Buclin1-37/+0
which is gone) r=glob a=LpSolit
2011-07-25Bug 642388: Description of field days_elapsed missing from ↵Frédéric Buclin2-0/+2
global/field-descs.none.tmpl r=wurblzap a=LpSolit
2011-07-25Bug 673819: Remove browser-specific values for the white-space CSS elementFrédéric Buclin1-6/+1
r=glob a=LpSolit
2011-07-25Bug 589128: Adds a preference allowing users to choose between text or htmlByron Jones14-23/+44
for bugmail. r=LpSolit, a=LpSolit
2011-07-25Bug 652663 - When using bug_format_comment hook some replacements can happen ↵David Lawrence1-2/+4
more than once causing broken links r/a=LpSolit
2011-07-22Bug 670670 - New hook for requests.cgi that allows for additional links ↵David Lawrence1-1/+4
after attachment descriptions. r/a=mkanat
2011-07-20Bug 600810: Use XMLRPC::Transport::HTTP:Apache as base class under mod_perlTeemu Mannermaa1-1/+5
r/a=mkanat
2011-07-20Bug 669223: Add a new hook 'before_table' in list-classifications.html.tmpl ↵Tiago Mello1-0/+2
template r/a=mkanat
2011-07-19Bug 643890: Use Apache's ErrorLog when using mod_perl/vhostsChristian Ruppert1-0/+5
r=mkanat, a=mkanat
2011-07-19Bug 671964: Move old field names conversion from do_search_functionTiago Mello1-7/+6
to _handle_chart(). r/a=mkanat
2011-07-18Bug 672173: Calling collectstats.pl with arguments passes the first argument ↵Frédéric Buclin1-1/+1
to some SQL statements r=gerv a=LpSolit
2011-07-18Bug 670906 - Make it so delta_ts is only updated when there are changes. Fix ↵Gervase Markham1-1/+1
regression from bug 620827. r=timello, a=lpsolit.
2011-07-18Bug 561170: Date validations are done in the wrong order, generating ↵Frédéric Buclin1-6/+6
unwanted warnings r=dkl a=LpSolit
2011-07-18Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵Frédéric Buclin2-1/+5
the rest of the scripts to be executed r=dkl a=LpSolit
2011-07-18Bug 662883: email_in.pl should ignore "out of the office" auto-reply emailsFrédéric Buclin1-0/+8
r/a=mkanat
2011-07-08Bug 670169 - Escape '>' in js filterReed Loden1-0/+1
[r=LpSolit a=LpSolit]
2011-07-06Bug 652410 - 500+ consecutive lines of markup whitespace in show_bug.cgi ↵David Lawrence1-6/+6
flags table, depending on flag states r/a=LpSolit