Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-01-27 | Add diffs parameter to bugmail_recipients hook. r=mkanat. | Gervase Markham | 2 | -2/+11 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=616422 | |||||
2011-01-24 | Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness of | Max Kanat-Alexander | 3 | -3/+25 | |
generate_random_password, to protect against an account compromise issue and other critical vulnerabilities. r=LpSolit, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=621591 | |||||
2011-01-24 | Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵ | Frédéric Buclin | 1 | -6/+21 | |
for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit | |||||
2011-01-23 | Bug 625741: Need a hook in update_fielddefs_definition to enable adding ↵ | rojanu | 2 | -0/+11 | |
columns to fielddefs r/a=mkanat | |||||
2011-01-21 | Bug 591165: (CVE-2010-4411) [SECURITY] Bump minimum required version of ↵ | Reed Loden | 1 | -2/+2 | |
CGI.pm to v3.51 in order to address header injection vulnerability. [r=mkanat a=mkanat] | |||||
2011-01-15 | Bug 625190: Typo and Missing FK in Bugzilla::DB::Schema | David Marshall | 1 | -3/+6 | |
r/a=mkanat | |||||
2011-01-15 | Bug 623408: Message-ID is gone in bugmail for new bugs | Frédéric Buclin | 1 | -2/+3 | |
r=dkl a=LpSolit | |||||
2011-01-11 | Bug 624349: Let the config_modify_panels hook add new parameters to existing ↵ | Frédéric Buclin | 1 | -11/+10 | |
panels r/a=mkanat | |||||
2011-01-09 | Bug 622204: Bugzilla::Migrate crashes trying to create bugs with resolutions | 1 | -1/+1 | ||
r/a=mkanat | |||||
2011-01-07 | Bug 558803: Add a parameter to specify the password complexity for new passwords | rojanu | 2 | -0/+22 | |
r/a=LpSolit | |||||
2011-01-07 | Provide user objects to bugmail_recipients hook. r,a=mkanat. | Gervase Markham | 2 | -1/+15 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=622813 | |||||
2011-01-05 | Document how to add user settings. r,a=mkanat. | Gervase Markham | 1 | -1/+2 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=616427 | |||||
2011-01-05 | Allow extensions to add new Jobs. r,a=mkanat. | Gervase Markham | 3 | -2/+29 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=617012 | |||||
2011-01-04 | Bug 595410: Make it faster to display a bug that has a lot of dependencies. | Max Kanat-Alexander | 3 | -41/+64 | |
r=LpSolit, a=LpSolit | |||||
2010-12-28 | Remove unused variable, per my review comment | Frédéric Buclin | 1 | -1/+0 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=615574 | |||||
2010-12-27 | Bug 599539: Update the mod_perl code for Apache2::SizeLimit 0.92 | Max Kanat-Alexander | 1 | -0/+18 | |
r=glob, a=mkanat | |||||
2010-12-27 | Bug 615574: Make every search done by buglist.cgi create a list_id, so that | Max Kanat-Alexander | 3 | -2/+60 | |
even Saved Searches get "last list" support. r=LpSolit, a=LpSolit | |||||
2010-12-27 | Bug 588013: Fix typo | timeless | 1 | -1/+1 | |
r/a=mkanat | |||||
2010-12-23 | Add contributor lines for mkanat and myself for the new BugUrl modules. | Reed Loden | 5 | -5/+9 | |
Add missing period in original developer line in license block. [a=mkanat] | |||||
2010-12-22 | Bug 620796: Make Bugzilla::Migrate skip abnormal fields when doing | Max Kanat-Alexander | 1 | -0/+2 | |
create_legal_values (otherwise it tried to create Components there, when it should not have). r=mkanat, a=mkanat (module owner) | |||||
2010-12-21 | Bug 593539: Fix the bugs activity for the see_also field. | Tiago Mello | 1 | -1/+2 | |
r/a=mkanat | |||||
2010-12-20 | Bug 593539: Refactor See Also to use separate modules for each type of URL | Tiago Mello | 8 | -160/+558 | |
r/a=mkanat | |||||
2010-12-18 | Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect ↵ | Reed Loden | 1 | -0/+6 | |
against clickjacking. [r=mkanat a=mkanat] | |||||
2010-12-16 | Bug 619581: Make contrib/bzdbcopy.pl work again, and also make it work with | Max Kanat-Alexander | 1 | -1/+15 | |
SQLite. r=mkanat, a=mkanat | |||||
2010-12-16 | Checkin fix for bug 619016: "DEFAULT TRUE" and "DEFAULT FALSE" were no longer | Max Kanat-Alexander | 1 | -7/+11 | |
getting properly translated to 1 and 0 inside of _set_nulls_sql in Bugzilla::DB::Schema. | |||||
2010-12-15 | Additional fix for bug 619016: The FK adding/removing code for SQLite didn't | Max Kanat-Alexander | 1 | -9/+26 | |
work when it was modifying tables to have their first FK or removing all the FKs on a table. r=mkanat, a=mkanat (module owner) | |||||
2010-12-15 | Bug 619016: Make SQLite installations able to alter an existing schema, | Max Kanat-Alexander | 2 | -20/+218 | |
meaning that SQLite installations can now upgrade and add custom fields. r=mkanat, a=mkanat (module owner) | |||||
2010-12-15 | Bug 619466: Make searching by work_time search the total time on the bug | Max Kanat-Alexander | 1 | -5/+2 | |
instead of searching the time on individual comments. r=mkanat, a=mkanat (module owner) | |||||
2010-12-13 | Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.update | Max Kanat-Alexander | 6 | -37/+188 | |
and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2 for details. r=LpSolit, a=LpSolit | |||||
2010-12-06 | Bug 617030 - Add an error code for json_rpc_invalid_callback, and fix the | Max Kanat-Alexander | 2 | -1/+2 | |
regex used by _bz_callback in Bugzilla::WebService::Server::JSONRPC to accept numbers other than 0 or 1. r=LpSolit, a=mkanat | |||||
2010-12-06 | Bug 542931: Bug in SOAP::Lite prevents WebService:XMLRPC logins from persisting | Frédéric Buclin | 1 | -3/+3 | |
r/a=mkanat | |||||
2010-12-06 | Bug 607138: Don't send the Strict-Transport-Security header for the | Max Kanat-Alexander | 1 | -2/+6 | |
attachment_base. r=LpSolit, a=LpSolit | |||||
2010-12-04 | Bug 529974: Let users with local editcomponents privs manage flags for ↵ | Frédéric Buclin | 2 | -23/+98 | |
products they can administer a=LpSolit (module owner) | |||||
2010-11-15 | Bug 611891: Don't generate cookies for logins done over GET via the WebService | Max Kanat-Alexander | 1 | -1/+6 | |
r=glob, a=mkanat | |||||
2010-11-14 | Bug 611974: collectstats.pl --regenerate fails with PostgreSQL 8.4.x ↵ | Sam Morris | 1 | -1/+1 | |
(sql_from_days() doesn't accept integers as argument) r/a=LpSolit | |||||
2010-11-14 | Bug 611979: Undefined subroutine &Bugzilla::Config::Advanced::check_multi ↵ | Frédéric Buclin | 1 | -0/+2 | |
when enabling strict_transport_security r=glob a=LpSolit | |||||
2010-11-13 | Bug 611623: The alias is not filtered in QuickSearch when passed to show_bug.cgi | Frédéric Buclin | 1 | -0/+1 | |
r=glob a=LpSolit | |||||
2010-11-11 | Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of ↵ | Reed Loden | 1 | -3/+3 | |
CGI.pm to v3.50 in order to address header injection vulnerability. [r=mkanat a=mkanat] | |||||
2010-11-04 | Bug 596611: Add a hook to email_in.pl | Frédéric Buclin | 1 | -0/+28 | |
r/a=mkanat | |||||
2010-11-04 | Bug 485418: Code and template hooks for userprefs.cgi to be able to add ↵ | Frédéric Buclin | 1 | -0/+43 | |
additional tabs r=mkanat a=LpSolit | |||||
2010-11-04 | Bug 605573: List all available WebService methods at the top of the POD | Frédéric Buclin | 5 | -77/+35 | |
r/a=mkanat | |||||
2010-11-04 | Bug 474766: The [details] string is duplicated when replying to a comment ↵ | Frédéric Buclin | 1 | -1/+1 | |
containing a link to an attachment r/a=mkanat | |||||
2010-11-03 | Bug 607909: Hours worked / work_time is marked as changing when commenting ↵ | Christian Legnitto | 2 | -3/+7 | |
even when you don't enter a value r/a=LpSolit | |||||
2010-11-03 | When inserting comments during Bug->update, make sure that the comment | Max Kanat-Alexander | 1 | -0/+3 | |
timestamp is identical to the timestamp passed in to update(). https://bugzilla.mozilla.org/show_bug.cgi?id=590334 | |||||
2010-11-03 | The changes to bz_create_database done by the SQLite patch broke the | Max Kanat-Alexander | 2 | -1/+10 | |
creation of databases on other systems. This restores the original behavior while still retaining the correct error-throwing behavior for systems that can't create a SQLite database. https://bugzilla.mozilla.org/show_bug.cgi?id=337776 | |||||
2010-11-03 | Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to ↵ | Byron Jones | 1 | -1/+2 | |
non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit | |||||
2010-11-03 | Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, ↵ | Frédéric Buclin | 2 | -3/+17 | |
and product names are viewable in graphs/ r=wurblzap a=LpSolit | |||||
2010-10-29 | Bug 602456: Make Search.pm not quote numeric input for numeric fields | Max Kanat-Alexander | 4 | -20/+120 | |
when generating SQL. r=glob, a=mkanat | |||||
2010-10-28 | Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5 | Frédéric Buclin | 4 | -6/+4 | |
r=gerv a=LpSolit | |||||
2010-10-28 | Bug 585802: Change the cc/user autocomplete (and backend) usermatching to ↵ | Christian Legnitto | 2 | -5/+9 | |
ignore spaces / search on space separated names r/a=mkanat |