summaryrefslogtreecommitdiffstats
path: root/Bugzilla
AgeCommit message (Collapse)AuthorFilesLines
2012-11-13Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups ↵Frédéric Buclin2-6/+21
when using User.get() r=dkl a=LpSolit
2012-11-13Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see ↵Frédéric Buclin1-3/+0
as obsolete can disclose its description r=gerv a=LpSolit
2012-11-03Bug 804505: Oracle crashes when typing "word1 word2" in QuickSearch with ↵Frédéric Buclin3-9/+10
"ORA-29907: found duplicate labels in primary invocations" r=dkl a=LpSolit
2012-11-02Fix typoFrédéric Buclin1-1/+1
2012-11-02Bug 807937: Fix PODKoosha Khajeh Moogahi1-6/+7
r/a=LpSolit
2012-10-25Bug 781336: disable SKIP_REQUESTEE_ON_ERRORByron Jones1-1/+1
2012-10-24Bug 803058: add a shortcut to quicksearch to enable or disable comment ↵Byron Jones1-1/+6
searching for that query
2012-10-19Bug 531243: Bugzilla crashes on show_bug if it's hit while a custom field is ↵Frédéric Buclin1-1/+9
being added r=justdave a=LpSolit
2012-10-19Bug 780053: Oracle crashes when listing keywords or flags in buglistsDavid Taylor1-9/+13
r/a=LpSolit
2012-10-17Bug 802451 - backport bug 704999 to bmo (GitHub URLs aren't working in the ↵Dave Lawrence2-0/+37
"Add Bug URLs" field)
2012-10-16Bug 577329 - WebServices should filter email addresses same as the web UI as ↵Dave Lawrence8-20/+41
users are not always required to login
2012-10-16Bug 799721: PostgreSQL 9.2 requires DBD::Pg 2.19.3Frédéric Buclin1-4/+5
r=glob a=LpSolit
2012-10-13Fix typoFrédéric Buclin1-1/+1
2012-10-12s/sortey/sortkey/gFrédéric Buclin1-2/+2
2012-10-12Bug 793826: Prevent private web service methods from being calledKoosha Khajeh Moogahi1-1/+3
r=dkl a=LpSolit
2012-10-12Bug 799257 - Backport bug 795650 and bug 797833 to bmo/4.0 and bmo/4.2 for ↵Dave Lawrence2-8/+20
performance improvement r=glob
2012-10-09merged with bugzilla/4.2Dave Lawrence5-9/+28
2012-10-09Bug 753635: Allow editing local see also even if you cannot edit the other bugSimon Green1-3/+7
r=glob, a=LpSolit
2012-10-04Bug 788098: Queries involving group substitution crash when ↵Frédéric Buclin2-6/+14
usevisibilitygroups is enabled r=dkl a=LpSolit
2012-09-14Update POD to fix bustage in Perl 5.16.1Frédéric Buclin2-0/+7
r=runtests.pl
2012-09-13Bug 680771 - Send X-XSS-Protection header for XSS prevention/blockingReed Loden1-0/+4
[r=mkanat a=LpSolit]
2012-09-09Merge from bugzilla/4.2Reed Loden2-2/+4
2012-09-09Bug 671612: Send "X-Content-Type-Options: nosniff" with every responseMatt Selsky2-2/+4
r/a=LpSolit
2012-09-05Bug 749540: Avoid database deadlocks when deleting recent searchesByron Jones1-6/+7
2012-08-31Bug 783222 - Make set_all() throw error on invalid param names1-0/+5
r/a=LpSolit
2012-08-31Merge from bugzilla/4.2Reed Loden10-44/+181
2012-08-30Bumped version post-releaseDave Lawrence1-1/+1
2012-08-30Bump version to 4.2.3Dave Lawrence1-1/+1
2012-08-30Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can ↵Reed Loden1-0/+2
lead to LDAP injection r/a=LpSolit
2012-08-30Add x-generated-by header to bugmailByron Jones2-0/+12
2012-08-30Bug 731156: [Oracle] Adding or removing a DB column does not handle SERIAL ↵Frédéric Buclin2-29/+97
correctly r=dkl a=LpSolit
2012-08-29Bug 772620: Ignore empty strings in the CC listFrédéric Buclin1-0/+2
r=dkl a=LpSolit
2012-08-29Fix more bustage caused by Bug 772953Byron Jones1-4/+6
2012-08-29Fix bustage caused by Bug 772953Byron Jones1-1/+4
2012-08-28Bug 772953: Remove the token from buglist urlsByron Jones1-0/+5
r=dkl, a=LpSolit
2012-08-28Bug 786167: fix various "use of uninitialized value" warningsByron Jones1-1/+3
2012-08-26Bug 559539: [Oracle] whine.pl sets run_next incorrectly due to CURRENT_DATEDavid Taylor1-3/+5
r/a=LpSolit
2012-08-23Fix Use of uninitialized value in pattern match (m//) at ↵Dave Lawrence1-1/+1
/data/www/bugzilla.mozilla.org/Bugzilla/UserAgent.pm line 179 error from Arecibo
2012-08-23Bug 785063 - content of x-bugzilla-changed-fields in bugmail has changed ↵Dave Lawrence1-3/+8
from field descriptions to field names r=glob
2012-08-21Bug 783786: PostgreSQL databases can be created with the wrong encodingFrédéric Buclin1-0/+10
r=dkl a=LpSolit
2012-08-20Bug 698068: The "There is no saved search named ..." page has a "forget" linkFrédéric Buclin1-1/+1
r=glob a=LpSolit
2012-08-16fix interdiff breakageByron Jones1-1/+1
2012-08-16Bug 779862: shift PatchReader into bugzilla namespace and fix long standing ↵Dave Lawrence12-20/+1144
issues
2012-08-15Bug 779088 - Allow extensions to whitelist PATH_INFODave Lawrence2-1/+28
2012-08-15Bug 771100: Unable to attach a file to a bug with perl 5.16Frédéric Buclin1-1/+1
r=dkl a=LpSolit
2012-08-07Revert commit 8283Dave Lawrence1-10/+0
2012-08-07Bug 778631: use a persistent Template::Provider to avoid recompiling ↵Byron Jones1-0/+10
templates between page loads
2012-08-07Bug 779709: Don't allow searching on changes to private attachments or commentsSImon Green1-3/+36
r=glob, a=LpSolit
2012-08-03Bug 682317 - Bug.create is incorrectly documented as ignoring invalid ↵Koosha Khajeh Moogahi1-2/+3
fields; it should say it produces an error r=dkl, a=LpSolit
2012-08-03Bug 780028: Oracle crashes if a column listed in ORDER BY appears twice in ↵Frédéric Buclin1-4/+13
SELECT r=glob a=LpSolit