Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-04-18 | Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be bypassed ↵ | Frédéric Buclin | 3 | -5/+117 | |
by altering the X-FORWARDED-FOR header r=glob a=LpSolit | |||||
2012-04-18 | Bug 746547: SMALLSERIAL is of type INT2, not INT1 | Frédéric Buclin | 1 | -1/+1 | |
r=timello a=LpSolit | |||||
2012-04-17 | Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions ↵ | Frédéric Buclin | 2 | -44/+80 | |
can control the way to throw errors r=dkl a=LpSolit | |||||
2012-04-17 | Bug 745320: Shared queries do not work when tags are part of the query | Frédéric Buclin | 1 | -3/+3 | |
r=dkl a=LpSolit | |||||
2012-04-13 | Move doc of the admin_editusers_action hook at its right place | Frédéric Buclin | 1 | -24/+24 | |
2012-04-12 | Bug 737436: Relative dates do not work correctly with the deadline field | Frédéric Buclin | 1 | -5/+11 | |
r=dkl a=LpSolit | |||||
2012-04-12 | Fix typo | Frédéric Buclin | 1 | -1/+1 | |
2012-04-11 | Bug 663377: Quicksearch using "status:" field doesn't work--it is defeated ↵ | Frédéric Buclin | 1 | -42/+30 | |
by the default status selection r=dkl a=LpSolit | |||||
2012-04-10 | Bug 743991: Need a new hook to update Bugzilla::Search::COLUMN_JOINS | rojanu | 2 | -1/+51 | |
r/a=LpSolit | |||||
2012-04-04 | Bug 58179: End date not included in the Search By Change History section | Frédéric Buclin | 1 | -0/+5 | |
r=dkl a=LpSolit | |||||
2012-03-31 | Search for start-of-time-interval in date fields is (partially?) broken. | Marc Schumann | 1 | -1/+1 | |
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=715270 | |||||
2012-03-30 | Fix bustage: Perl 5.8.x doesn't understand \g1 in regexp (must use \1 instead) | Frédéric Buclin | 1 | -1/+1 | |
2012-03-29 | Bug 554819: Quicksearch should be using Text::ParseWords instead of custom ↵ | Frédéric Buclin | 2 | -95/+95 | |
code in splitString Also fixes QS with accented characters (bug 730207) r=dkl a=LpSolit | |||||
2012-03-28 | Bug 730984: A single whitespace in the Status Whiteboard field generates an ↵ | Frédéric Buclin | 1 | -1/+5 | |
invalid SQL query r=dkl a=LpSolit | |||||
2012-03-22 | Bug 733458: The "creator" argument is listed twice for the Bug.search ↵ | Matt Selsky | 1 | -7/+3 | |
WebService method r/a=LpSolit | |||||
2012-03-10 | Bug 731163: Search.pm can use undefined alias in ORDER BY clause | Frédéric Buclin | 1 | -1/+1 | |
r=dkl a=LpSolit | |||||
2012-03-09 | Fixed comma in documentation | Dave Lawrence | 1 | -1/+1 | |
2012-03-09 | Bug 730794 - Need new hook edituser page | Francisco Donalisio | 1 | -0/+24 | |
r=dkl, a=LpSolit | |||||
2012-02-29 | Bug 731219: Fix XMLRPC breakage when content-type contains a charset | Byron Jones | 1 | -1/+4 | |
r=dkl, a=LpSolit | |||||
2012-02-28 | Bug 731055: get_enterable_products() is very slow when a product has many ↵ | Frédéric Buclin | 1 | -6/+8 | |
components or versions r/a=mkanat | |||||
2012-02-27 | Bug 730598: Running checksetup.pl twice deletes the DEFAULT value of the ↵ | Frédéric Buclin | 1 | -1/+1 | |
bug_see_also.class column r=timello a=LpSolit | |||||
2012-02-22 | Bumped version number post-release | Dave Lawrence | 1 | -1/+1 | |
2012-02-22 | Bumped version to 4.2 | Dave Lawrence | 1 | -1/+1 | |
2012-02-22 | Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵ | Dave Lawrence | 2 | -0/+16 | |
API when using mod_perl r/a=LpSolit | |||||
2012-02-16 | Bug 723944: Plain-text only emails are mangled when they contain non-ASCII ↵ | Frédéric Buclin | 1 | -1/+5 | |
characters r=glob a=LpSolit | |||||
2012-02-15 | Bug 724464 - JSON-RPC support shouldn't require SOAP::Lite | Dave Lawrence | 2 | -20/+14 | |
r/a=LpSolit | |||||
2012-02-15 | Bug 722113: The profile_search table has a wrong index name | Frédéric Buclin | 2 | -1/+7 | |
r=glob a=LpSolit | |||||
2012-02-14 | Bug 727240: The POD for Bug.attachments is wrong about the format of the ↵ | Frédéric Buclin | 1 | -16/+10 | |
returned data r=dkl a=LpSolit | |||||
2012-02-01 | Bump the version number post-release | Dave Lawrence | 1 | -1/+1 | |
2012-01-31 | Bumped to version 4.2rc2 | Dave Lawrence | 1 | -1/+1 | |
2012-01-31 | (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵ | Frédéric Buclin | 1 | -1/+13 | |
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319 | |||||
2012-01-31 | Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵ | Frédéric Buclin | 2 | -2/+2 | |
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit | |||||
2012-01-31 | Bug 714446: Product.create default behavior is broken and inconsistent with POD | Frédéric Buclin | 1 | -17/+29 | |
r=dkl a=LpSolit | |||||
2012-01-27 | Bug 721715: URLs in the See Also field must be detainted before inserted ↵ | Frédéric Buclin | 1 | -4/+3 | |
into the DB r=dkl a=LpSolit | |||||
2012-01-25 | Bug 717217: The regexp in Bugzilla::BugUrl::JIRA::should_handle() isn't | Simon Green | 1 | -1/+1 | |
restrictive enough (min two letters required) r=timello, a=LpSolit | |||||
2012-01-24 | Bug 718183: Rename duplicated series names before inserting the new index in ↵ | Frédéric Buclin | 1 | -0/+31 | |
the series table r=dkl a=LpSolit | |||||
2012-01-24 | Bug 715870: [Oracle] Related sequences and triggers must be removed when ↵ | Frédéric Buclin | 1 | -1/+19 | |
dropping a table r=mkanat a=LpSolit | |||||
2012-01-24 | Bug 633061: Require Apache2::SizeLimit 0.96 for proper operation on Linux | Max Kanat-Alexander | 1 | -3/+2 | |
r=dkl a=mkanat | |||||
2012-01-12 | Bug 715731 - profile_search.user_id should have a FK pointing to profiles.userid | Dave Lawrence | 1 | -1/+4 | |
r/a=LpSolit | |||||
2012-01-12 | Bug 715902: Do not log personal common activities in audit_log | Frédéric Buclin | 8 | -3/+23 | |
r=dkl a=LpSolit | |||||
2012-01-11 | Bug 716227: When checksetup.pl tells the admin that he should edit variables ↵ | Frédéric Buclin | 1 | -3/+6 | |
in localconfig, the message should be red r=timello a=LpSolit | |||||
2012-01-05 | Bug 706753: Bugzilla will not work with newest version of JSON::RPC 1.01 due ↵ | Frédéric Buclin | 1 | -1/+12 | |
to non-backward compatibility r=dkl r=mkanat a=LpSolit | |||||
2011-12-29 | Bump the version number post-release | Dave Lawrence | 1 | -1/+1 | |
2011-12-29 | Bump version for 4.2rc1 | Dave Lawrence | 1 | -1/+1 | |
2011-12-28 | Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email ↵ | Frédéric Buclin | 3 | -19/+45 | |
WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account r=dkl a=LpSolit | |||||
2011-12-28 | Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or ↵ | Byron Jones | 1 | -1/+1 | |
tabular and graphical reports in debug mode r=gerv, a=LpSolit | |||||
2011-12-28 | Bug 713144: The SQL query to remove older searches from the profile_search ↵ | Frédéric Buclin | 1 | -6/+8 | |
table should be more robust r=dkl a=LpSolit | |||||
2011-12-26 | Bug 683644: Foreign keys aren't renamed correctly when DB tables are renamed | Frédéric Buclin | 6 | -29/+120 | |
r=wicked a=LpSolit | |||||
2011-12-19 | Bug 711925: Update from 4.0 or older to 4.2 or trunk fails when bug_see_also ↵ | Frédéric Buclin | 2 | -2/+2 | |
field is populated r=wicked a=LpSolit | |||||
2011-12-16 | Last Comment Bug 685611 - delta_ts is updated even when no changes are made ↵ | Dave Lawrence | 3 | -3/+35 | |
to bugs created via WebServices r/a=LpSolit |