Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-03-05 | Bug 1128853: Bugzilla shouldn't try to write API tokens into the shadow DB | Byron Jones | 1 | -0/+5 | |
r=dkl,a=glob | |||||
2014-09-08 | Bug 1046126: Do not generate a new API token every time you access a ↵ | David Lawrence | 1 | -3/+10 | |
bug-related page r=sgreen,a=glob | |||||
2014-08-13 | Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modules | Frédéric Buclin | 1 | -0/+1 | |
r=dkl a=sgreen | |||||
2014-07-27 | Bug 726696 - All authenticated WebServices methods should require ↵ | Simon Green | 1 | -1/+17 | |
username/pass, token or a valid API key for authentication r=dkl, a=sgreen | |||||
2014-02-27 | Bug 947823: Replace gender-specific pronouns with gender-neutral pronouns | Charlie Somerville | 1 | -8/+8 | |
r=gerv a=justdave | |||||
2014-01-27 | Bug 964113: Digest::SHA 5.82 and newer always croak on wide characters, ↵ | Frédéric Buclin | 1 | -0/+4 | |
preventing saved searched from being displayed r=dkl a=justdave | |||||
2013-10-16 | Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy ↵ | Dave Lawrence | 1 | -5/+17 | |
and allowing easier brute force r=LpSolit,a=glob | |||||
2013-06-06 | Bug 878035: Do not disclose whether a user account exists or not when a user ↵ | Frédéric Buclin | 1 | -1/+3 | |
clicks "forgot password" r=dkl a=LpSolit | |||||
2012-12-01 | Bug 787668: Use |use parent| instead of |use base| | Matt Selsky | 1 | -1/+1 | |
r/a=LpSolit | |||||
2012-11-30 | Bug 816747 - Add dummy POD for unPODded methods. | Marc Schumann | 1 | -0/+10 | |
r/a=LpSolit | |||||
2012-09-01 | Bug 787529: Use |use 5.10.1| everywhere | Frédéric Buclin | 1 | -7/+2 | |
r=wicked a=LpSolit | |||||
2012-07-30 | Bug 767623 - Use HMAC to generate tokens and sensitive graph filenames | Reed Loden | 1 | -8/+6 | |
[r=LpSolit a=LpSolit] | |||||
2012-04-13 | Bug 349337: The time between two successive token requests should be a constant | Koosha Khajeh Moogahi | 1 | -3/+3 | |
r/a=LpSolit | |||||
2012-01-11 | Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ↵ | Frédéric Buclin | 1 | -20/+5 | |
add it to files which miss one r=kiko r=mkanat r=mrbball a=LpSolit | |||||
2011-12-13 | Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible ↵ | Reed Loden | 1 | -2/+7 | |
unauthorized account creation e-mail request [r=mkanat a=mkanat] | |||||
2011-08-17 | Bug 677522: IssueEmailChangeToken() should get the old login name from the ↵ | Frédéric Buclin | 1 | -4/+4 | |
user object r=timello a=LpSolit | |||||
2011-08-16 | Bug 677901: Bugzilla crashes when no token is passed to token.cgi but the ↵ | Frédéric Buclin | 1 | -6/+4 | |
script expects one, because tokens are incorrectly validated r/a=mkanat | |||||
2011-08-15 | Bug 678959: Make GenerateUniqueToken work for all tables | Byron Jones | 1 | -1/+1 | |
r=LpSolit, a=LpSolit | |||||
2011-07-25 | Bug 589128: Adds a preference allowing users to choose between text or html | Byron Jones | 1 | -3/+3 | |
for bugmail. r=LpSolit, a=LpSolit | |||||
2010-10-07 | Bug 602165: Change sql_interval to sql_date_math, in preparation for | Max Kanat-Alexander | 1 | -14/+14 | |
MS-SQL and SQLite support. | |||||
2010-03-01 | Bug 508823: Make it so that you don't ever have to reset template_inner (like | Max Kanat-Alexander | 1 | -3/+0 | |
Bugzilla->template_inner("")). r=LpSolit, a=LpSolit | |||||
2009-12-31 | Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxies | mkanat%bugzilla.org | 1 | -2/+2 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat | |||||
2009-02-09 | Bug 477513: md5_hex() fails if a saved search has UTF8 characters in it - ↵ | lpsolit%gmail.com | 1 | -1/+7 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
2009-02-02 | Bug 26257: [SECURITY] Bugzilla should prevent malicious webpages from making ↵ | lpsolit%gmail.com | 1 | -2/+52 | |
bugzilla users submit changes to bugs - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
2009-01-08 | Bug 452519: Fix timezones in emails - Patch by Frédéric Buclin ↵ | lpsolit%gmail.com | 1 | -7/+9 | |
<LpSolit@gmail.com> r=wicked a=LpSolit | |||||
2008-04-03 | Bug 405946: Some emails are not sent in the language chosen by the addressee ↵ | lpsolit%gmail.com | 1 | -41/+42 | |
- Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit | |||||
2007-11-19 | Bug 399163: Bugzilla/*.pm should use transactions for database interaction - ↵ | lpsolit%gmail.com | 1 | -6/+2 | |
Patch by Emmanuel Seyman <eseyman@linagora.com> r/a=mkanat | |||||
2007-03-11 | Bug 366466 - "flag notification mail has canceled spelled incorrectly" ↵ | reed%reedloden.com | 1 | -3/+3 | |
[p=reed r=timeless a=mkanat] | |||||
2006-11-21 | Fix nits about bug 316797 | lpsolit%gmail.com | 1 | -3/+3 | |
2006-11-21 | Bug 316797: Token.pm needs POD - Patch by Frédéric Buclin ↵ | lpsolit%gmail.com | 1 | -0/+181 | |
<LpSolit@gmail.com> r/a=myk | |||||
2006-10-21 | Bug 340538: Insecure dependency in exec while running with -T switch at ↵ | wurblzap%gmail.com | 1 | -1/+0 | |
/usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. Patch by Marc Schumann <wurblzap@gmail.com>, r=LpSolit, a=myk | |||||
2006-10-15 | Bug 281181: [SECURITY] It's way too easy to delete ↵ | lpsolit%gmail.com | 1 | -3/+54 | |
versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-08-26 | Bug 350120: undefined value when creating a new user account - Patch by ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-08-20 | Bug 87795: Creating an account should send token and wait for confirmation ↵ | lpsolit%gmail.com | 1 | -16/+46 | |
(prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk | |||||
2006-07-14 | Bug 343338: Eliminate "my" variables from the root level of modules | mkanat%bugzilla.org | 1 | -4/+4 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-07-04 | Bug 338375: Use Bugzilla->params everywhere instead of Param(). | mkanat%bugzilla.org | 1 | -1/+0 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave | |||||
2006-07-04 | Bug 342869: Use Bugzilla->params everywhere except templates | mkanat%bugzilla.org | 1 | -7/+8 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave | |||||
2006-06-21 | Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵ | lpsolit%gmail.com | 1 | -3/+0 | |
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-06-02 | Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵ | lpsolit%gmail.com | 1 | -5/+5 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave | |||||
2006-03-10 | I forgot a "fix on checkin" (useless whitespaces) | lpsolit%gmail.com | 1 | -1/+1 | |
2006-03-10 | Bug 300551: Eliminate deprecated Bugzilla::DB routines from User.pm and ↵ | lpsolit%gmail.com | 1 | -67/+60 | |
Token.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave | |||||
2006-01-03 | Bug 119524: SECURITY: predictable sessionid (Use a token instead of ↵ | lpsolit%gmail.com | 1 | -1/+5 | |
logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave | |||||
2005-11-14 | Bug 301062: [PostgreSQL] whine.pl fails when using PostgreSQL 8.0.x - Patch ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=manu a=justdave | |||||
2005-10-25 | Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav ↵ | lpsolit%gmail.com | 1 | -7/+7 | |
Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave | |||||
2005-09-02 | Bug 304582: Move GenerateRandomPassword() out of globals.pl - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
Frédéric Buclin <LpSolit@gmail.com> r=joel a=myk | |||||
2005-08-13 | Bug 303669: Bugzilla mis-uses perl subroutine prototypes | mkanat%kerio.com | 1 | -3/+3 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave | |||||
2005-08-10 | Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
r=mkanat,wicked a=justdave | |||||
2005-08-09 | Backout of bug 303669 which broke AppendComment and possibly a number | bugreport%peshkin.net | 1 | -3/+3 | |
of other items. | |||||
2005-08-09 | Bug 303669: Bugzilla mis-uses perl subroutine prototypes | mkanat%kerio.com | 1 | -3/+3 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave | |||||
2005-07-08 | Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case ↵ | mkanat%kerio.com | 1 | -1/+1 | |
insensitive Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave |