summaryrefslogtreecommitdiffstats
path: root/Bugzilla
AgeCommit message (Collapse)AuthorFilesLines
2016-05-03Bug 1268989 - Inefficient check of "Bugzilla_api_token" might lead to ↵Dylan William Hardison1-9/+6
CSRF/data disclosure vulnerability in Bugzilla's REST API r=dkl
2016-05-02Bug 1269252 - Using callback parameter with REST API causes read-only ↵David Lawrence1-5/+1
accessor error in Bugzilla/API/Server.pm r=dylan
2016-04-28Bug 1268174 - [PostgreSQL] $dbh->bz_add_column() fails to create new columns ↵Frédéric Buclin2-8/+36
with the NOT NULL constraint if there is no DEFAULT value r=gerv
2016-04-27Bug 1268146 - profiles.email is set back to match profiles.login_name every ↵Frédéric Buclin1-2/+4
time checksetup.pl is run r=gerv
2016-04-27Bug 218917 - Allow the login name to be different from the email addressFrédéric Buclin31-255/+523
Original patch by Gervase Markham r=gerv a=dkl
2016-04-25Bug 1259881 - CSV export vulnerable to formulae injection (again)Frédéric Buclin1-3/+4
r=sgreen
2016-04-20Bug 542239 - Accept pronouns everywhere in query.cgiAlbert Ting1-2/+2
r=dkl
2016-04-15Bug 1261679 - Add more examples about how to define new parameters using the ↵Frédéric Buclin1-5/+7
config_add_panels hook r=gerv
2016-04-14Bug 1088022 - Bump min version to CGI 4.09Frédéric Buclin7-68/+37
r=dkl
2016-04-13Bug 1154457 - Extra lines for nested MarkDown listsAlbert Ting1-0/+11
r=dkl
2016-04-09Bug 1261538 - Bugzilla is unable to access attachment.cgi when ssl_redirect ↵Frédéric Buclin2-16/+39
= true and using Plack r=dylan
2016-04-06Bug 1246228 - Email addresses must not be encodedFrédéric Buclin2-14/+2
r=dkl
2016-04-05Bug 1261124: When deleting a component, this component is listed againFrédéric Buclin1-1/+4
r=dkl
2016-04-04Bug 880163 - add a webservice method to list a bug's duplicates, mirroring ↵David Lawrence2-0/+10
what is visible on show_bug. r=dylan
2016-03-27Bug 1205072: Markdown should not call quoteUrl() for code sectionsAlbert Ting1-9/+29
r=LpSolit
2016-03-25Bug 1257224: Windows-specific modules are missing in Makefile.PLFrédéric Buclin1-1/+1
r=dylan
2016-03-21Bug 1258187: When using plackup as a proxy, Apache is unable to handle saved ↵Frédéric Buclin1-4/+2
queries correctly r=dkl
2016-03-21Bug 1251208 - Bugzilla->request_cache() can be fasterDylan Hardison1-9/+2
r=dkl,a=dylan without breaking stuff this time.
2016-03-19Bug 1230932: Providing a condition as an ID to the webservice results in a ↵Frédéric Buclin6-7/+31
taint error r=dkl
2016-03-09Bug 1250908: "Use of uninitialized value" warning thrown when creating a new ↵Thorsten Schöning1-2/+2
bug depending or blocking another one r=LpSolit
2016-03-08Bug 1253074 - get_legal_value doesn't work for target milestoneAlbert Ting1-4/+5
r=dkl
2016-02-29Bug 1136137: Require Perl 5.14Frédéric Buclin152-199/+199
r=dkl
2016-02-26generate_test_data.pl is an executableFrédéric Buclin1-0/+1
2016-02-26Bug 1251221 - Pass cache => 1 to calls to Bugzilla::Product->new() called in ↵Dylan Hardison3-6/+5
Bugzilla::{Milestone,Version,Component} r=dkl,a=dylan
2016-02-25Bug 1250944 - 001compile.t doesn't set error mode, so errors exit the test suiteDylan Hardison1-1/+0
r=dkl,a=dylan
2016-02-25Bug 1250786 - Detainting of params.jsonMatt Tyson1-13/+4
r=dylan,a=dylan
2016-02-24fix permsDylan William Hardison1-1/+1
2016-02-24Bug 1250875 - Bugzilla crashes immediately due to unreadable META.json and ↵Dylan Hardison1-0/+4
MYMETA.json r=LpSolit,a=dylan
2016-02-23Bug 1246528 - Use Makefile.PL and allow Bugzilla use cpanm-compatible local ↵Dylan Hardison7-1196/+12
dependencies r=dkl,a=dylan
2016-02-18Bug 1148577 - The API reST documentation should display the error ↵David Lawrence1-0/+3
codes/strings that could occur with each API call r=gerv
2016-02-10Bug 1244528 - Default to DBD::SQLite for new installs for "out of the box" ↵Dylan Hardison1-1/+1
working bugzilla experience r=dkl,a=dylan
2016-02-08Bug 1246531: REST_DOC should point to bugzilla.readthedocs.org instead of ↵Frédéric Buclin1-1/+1
bugzilla.org r=dkl
2016-02-07Bug 1237161: Allow users with bless permissions to update users group ↵Matt Tyson2-1/+12
membership using WebService r=LpSolit a=dkl
2016-01-27Bug 731589 - Move mod_perl's max_unshared size from mod_perl.pl to localconfigDylan Hardison1-0/+4
r=dkl,a=dylan
2016-01-27Bug 1241026 - checksetup.pl requires editing localconfig to remove apache groupDylan Hardison1-1/+12
r=dkl,a=dylan
2016-01-22Bug 1159057 - Bug create and update hooks are called unexpectedlyMatt Tyson1-0/+1
- Fixed regression found by test_flags2.t where flag id was not present in show_bug.cgi for newly created bugs.
2016-01-20Bug 1240029 - The REST API doesn't work correctly with mod_perlDavid Lawrence3-19/+16
r=dylan
2016-01-15'Bug 1159057: change to create flags as part of bug creation process. r=gervMatt Tyson6-42/+99
2016-01-15Bug 922549: Bugzilla::Migrate.pm should provide hook in load function. ↵Gervase Markham1-1/+1
r=gerv. (review cleanups)
2016-01-15Bug 922549: Bugzilla::Migrate.pm should provide hook in load function. r=gerv.rojanu2-4/+44
2016-01-14Bug 1239582 - The new REST API fails to work properly under mod_perl due to ↵David Lawrence2-5/+5
improper file path passed to bsd_glob() r=dylan
2016-01-12Bug 1238987 - Remove the trailing newline when the quoted text in comments ↵David Lawrence1-0/+1
is wrapped r=LpSolit
2016-01-05Bug 1235270: Set submitter_id before calling _check_data()Mahdi Mokhtari1-1/+2
r=LpSolit
2016-01-05Bug 1045782: Existing URLs in the See Also field should not throw an error ↵Frédéric Buclin1-2/+3
when the bug is displayed r=dkl
2016-01-02Bug 688205 - quoted text inside comments should wrapAlbert Ting4-4/+38
r=dylan,a=dylan
2015-12-23Bug 1201113: Support to run Bugzilla as a PSGI applicationFrédéric Buclin7-15/+52
r=dylan
2015-12-22Revert "Bug 1230932 - Providing a condition as an ID to the webservice ↵David Lawrence5-18/+23
results in a taint error" This reverts commit eb1357fe03bb47cdd479cf533022e11dd6bd22e0.
2015-12-22Bug 1232785 - [SECURITY] Buglists in CSV format can be parsed as valid ↵Dylan Hardison1-0/+3
javascript in some browsers r=dkl,a=dkl
2015-12-22Bug 1230932 - Providing a condition as an ID to the webservice results in a ↵Dylan Hardison5-23/+18
taint error r=dkl,a=dkl
2015-12-21Bug 1234297: "GET /rest/last_audit_time" complains that you must use POSTFrédéric Buclin1-0/+1
r=dkl
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-05-03 16:19:52 +0200