index
:
bugzilla
flyspray
harmony-master
harmony-unstable
master
Bugzilla
Florian Pritz
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
Bugzilla
/
Auth
Age
Commit message (
Expand
)
Author
Files
Lines
2016-05-19
Bug 1262039 - typo in error message "Failed to retreive components..."
David Lawrence
1
-1
/
+1
2016-05-03
Bug 1269236 - Incorrect checking of API tokens possibly leads to CSRF and dat...
Dylan Hardison
1
-9
/
+6
2016-03-15
Bug 1229834 - extend information we [audit] log to the syslog
Dylan Hardison
1
-0
/
+10
2015-11-05
Bug 1196743 - Fix information disclosure vulnerability that allows attacker t...
Dylan Hardison
1
-0
/
+2
2015-09-01
Bug 1197073 - add support for 2fa using totp (eg. google authenticator)
Byron Jones
2
-1
/
+22
2015-08-25
Bug 1197699 - always store the ip address in the logincookies table
Byron Jones
2
-12
/
+8
2015-08-24
Bug 1192687 - add the ability for users to view and revoke existing sessions
Dylan William Hardison
1
-1
/
+10
2015-08-11
Bug 1184332 - Add Restricted API calls for MozReview
Dylan William Hardison
1
-0
/
+13
2015-04-24
Bug 1157395: CSRF in log in form
David Lawrence
1
-5
/
+38
2015-03-26
Bug 1147550: Minimum password length handler not trusted by password change
Byron Jones
1
-4
/
+13
2015-03-09
Bug 1140966: backport bug 1139257 to bmo (allow cookie+api-token GET REST req...
Byron Jones
1
-8
/
+18
2015-01-29
Bug 1045145: backport upstream bug 726696 to bmo/4.2 to allow use of api keys...
David Lawrence
2
-1
/
+68
2014-11-14
Bug 1097813: backport upstream bug 1001462 to bmo/4.2 to fix issue with using...
David Lawrence
3
-3
/
+4
2014-11-04
Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ...
Byron Jones
1
-37
/
+4
2014-11-04
Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for login...
David Lawrence
1
-4
/
+37
2014-05-20
Bug 1009017: users are unable to log in if their password needs to be re-encr...
Byron Jones
1
-1
/
+3
2014-03-04
Bug 966180: backport bug 956233 to bmo (enable USE_MEMCACHE on most objects)
Byron Jones
2
-2
/
+7
2013-12-31
merged with bugzilla/4.2
Dave Lawrence
1
-1
/
+2
2013-12-21
Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using...
Frédéric Buclin
1
-1
/
+1
2013-10-25
Bug 921523 - backport upstream bug 917669 to bmo/4.2 to throw error when inva...
Dave Lawrence
1
-7
/
+10
2013-10-17
merged with bugzilla/4.2
Dave Lawrence
1
-3
/
+3
2013-10-16
Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ...
Dave Lawrence
1
-3
/
+3
2013-09-27
Revert Bug 917669 - invalid or expired authentication tokens and cookies shou...
Dave Lawrence
1
-13
/
+8
2013-09-26
Bug 917669 - invalid or expired authentication tokens and cookies should thro...
Dave Lawrence
1
-8
/
+13
2013-08-29
Bug 909634 - backport upstream bug 893195 to bmo/4.2 for token auth support i...
Dave Lawrence
3
-23
/
+79
2012-08-30
Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can l...
Reed Loden
1
-0
/
+2
2011-11-18
Make Login/Stack.pm refuse to continue down the stack if an Auth method retur...
Gervase Markham
1
-2
/
+8
2011-05-06
Bug 653713: editusers.cgi crashes when editing a user profile
Jochen Wiedmann
1
-1
/
+4
2011-04-28
Bug 423612 - Allow editing extern_id for users from the admin interface
Jochen Wiedmann
5
-0
/
+30
2010-10-15
Bug 604522: t/012throwables.t doesn't catch new user errors correctly
Frédéric Buclin
1
-2
/
+2
2010-10-14
Bug 575947: Users with passwords length less than 6 characters can't login af...
Frédéric Buclin
1
-0
/
+6
2010-10-07
Bug 602165: Change sql_interval to sql_date_math, in preparation for
Max Kanat-Alexander
1
-2
/
+3
2010-04-22
Bug 550732: Allow read-only JSON-RPC methods to be called with GET
Max Kanat-Alexander
4
-0
/
+16
2010-03-24
Bug 553770: Make the JSON-RPC WebService throw a proper error when you don't
Max Kanat-Alexander
1
-4
/
+2
2010-02-01
Fix the data in the bzr repo to match the data in the CVS repo.
Max Kanat-Alexander
1
-0
/
+0
2010-01-05
Bug 467992: Login fails if the user's LDAP account is denied search in LDAP -...
lpsolit%gmail.com
1
-5
/
+28
2009-12-31
Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxies
mkanat%bugzilla.org
2
-2
/
+2
2009-12-31
Bug 385606: Logincookies are recreated at each HTTP request when using the 'E...
lpsolit%gmail.com
1
-0
/
+1
2009-12-13
Bug 355283: Lock out a user account on a particular IP for 30 minutes if they...
mkanat%bugzilla.org
1
-16
/
+30
2009-11-24
Bug 430014: Re-write the code hooks system so that it uses modules instead of...
mkanat%bugzilla.org
2
-2
/
+2
2009-11-09
Bug 525734: Allow WebService clients to authenticate using Bugzilla_login and...
mkanat%bugzilla.org
2
-8
/
+7
2009-10-19
Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric Buc...
lpsolit%gmail.com
2
-26
/
+14
2009-10-09
Bug 514913: Eliminate ssl="authenticated sessions"
mkanat%bugzilla.org
2
-16
/
+3
2009-04-17
Bug 488467: Verify and Login auth methods were being called in a random order...
mkanat%bugzilla.org
2
-2
/
+2
2009-03-02
Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi.
mkanat%bugzilla.org
1
-0
/
+1
2009-01-20
Bug 134022: PERFORMANCE: deleting old login cookies locks login checks
mkanat%bugzilla.org
1
-0
/
+9
2009-01-02
Bug 211006: Make Bugzilla use SHA-256 instead of crypt() to store hashed pass...
mkanat%bugzilla.org
1
-0
/
+10
2008-10-23
Bug 455584 - Use bz_crypt everywhere instead of the crypt() function
dkl%redhat.com
1
-6
/
+1
2008-10-21
Bug 460770: Incorrect regexp when parsing the list of LDAP servers - Patch by...
lpsolit%gmail.com
1
-1
/
+1
2008-10-05
Partial backout of bug 183665. It's responsible for bug 457719
lpsolit%gmail.com
1
-1
/
+1
[next]