summaryrefslogtreecommitdiffstats
path: root/Bugzilla
AgeCommit message (Collapse)AuthorFilesLines
2011-01-27Add diffs parameter to bugmail_recipients hook. r=mkanat.Gervase Markham2-2/+11
https://bugzilla.mozilla.org/show_bug.cgi?id=616422
2011-01-24Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness ofMax Kanat-Alexander3-3/+25
generate_random_password, to protect against an account compromise issue and other critical vulnerabilities. r=LpSolit, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=621591
2011-01-24Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵Frédéric Buclin1-6/+21
for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit
2011-01-23Bug 625741: Need a hook in update_fielddefs_definition to enable adding ↵rojanu2-0/+11
columns to fielddefs r/a=mkanat
2011-01-21Bug 591165: (CVE-2010-4411) [SECURITY] Bump minimum required version of ↵Reed Loden1-2/+2
CGI.pm to v3.51 in order to address header injection vulnerability. [r=mkanat a=mkanat]
2011-01-15Bug 625190: Typo and Missing FK in Bugzilla::DB::SchemaDavid Marshall1-3/+6
r/a=mkanat
2011-01-15Bug 623408: Message-ID is gone in bugmail for new bugsFrédéric Buclin1-2/+3
r=dkl a=LpSolit
2011-01-11Bug 624349: Let the config_modify_panels hook add new parameters to existing ↵Frédéric Buclin1-11/+10
panels r/a=mkanat
2011-01-09Bug 622204: Bugzilla::Migrate crashes trying to create bugs with resolutions1-1/+1
r/a=mkanat
2011-01-07Bug 558803: Add a parameter to specify the password complexity for new passwordsrojanu2-0/+22
r/a=LpSolit
2011-01-07Provide user objects to bugmail_recipients hook. r,a=mkanat.Gervase Markham2-1/+15
https://bugzilla.mozilla.org/show_bug.cgi?id=622813
2011-01-05Document how to add user settings. r,a=mkanat.Gervase Markham1-1/+2
https://bugzilla.mozilla.org/show_bug.cgi?id=616427
2011-01-05Allow extensions to add new Jobs. r,a=mkanat.Gervase Markham3-2/+29
https://bugzilla.mozilla.org/show_bug.cgi?id=617012
2011-01-04Bug 595410: Make it faster to display a bug that has a lot of dependencies.Max Kanat-Alexander3-41/+64
r=LpSolit, a=LpSolit
2010-12-28Remove unused variable, per my review commentFrédéric Buclin1-1/+0
https://bugzilla.mozilla.org/show_bug.cgi?id=615574
2010-12-27Bug 599539: Update the mod_perl code for Apache2::SizeLimit 0.92Max Kanat-Alexander1-0/+18
r=glob, a=mkanat
2010-12-27Bug 615574: Make every search done by buglist.cgi create a list_id, so thatMax Kanat-Alexander3-2/+60
even Saved Searches get "last list" support. r=LpSolit, a=LpSolit
2010-12-27Bug 588013: Fix typotimeless1-1/+1
r/a=mkanat
2010-12-23Add contributor lines for mkanat and myself for the new BugUrl modules.Reed Loden5-5/+9
Add missing period in original developer line in license block. [a=mkanat]
2010-12-22Bug 620796: Make Bugzilla::Migrate skip abnormal fields when doingMax Kanat-Alexander1-0/+2
create_legal_values (otherwise it tried to create Components there, when it should not have). r=mkanat, a=mkanat (module owner)
2010-12-21Bug 593539: Fix the bugs activity for the see_also field.Tiago Mello1-1/+2
r/a=mkanat
2010-12-20Bug 593539: Refactor See Also to use separate modules for each type of URLTiago Mello8-160/+558
r/a=mkanat
2010-12-18Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect ↵Reed Loden1-0/+6
against clickjacking. [r=mkanat a=mkanat]
2010-12-16Bug 619581: Make contrib/bzdbcopy.pl work again, and also make it work withMax Kanat-Alexander1-1/+15
SQLite. r=mkanat, a=mkanat
2010-12-16Checkin fix for bug 619016: "DEFAULT TRUE" and "DEFAULT FALSE" were no longerMax Kanat-Alexander1-7/+11
getting properly translated to 1 and 0 inside of _set_nulls_sql in Bugzilla::DB::Schema.
2010-12-15Additional fix for bug 619016: The FK adding/removing code for SQLite didn'tMax Kanat-Alexander1-9/+26
work when it was modifying tables to have their first FK or removing all the FKs on a table. r=mkanat, a=mkanat (module owner)
2010-12-15Bug 619016: Make SQLite installations able to alter an existing schema,Max Kanat-Alexander2-20/+218
meaning that SQLite installations can now upgrade and add custom fields. r=mkanat, a=mkanat (module owner)
2010-12-15Bug 619466: Make searching by work_time search the total time on the bugMax Kanat-Alexander1-5/+2
instead of searching the time on individual comments. r=mkanat, a=mkanat (module owner)
2010-12-13Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.updateMax Kanat-Alexander6-37/+188
and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2 for details. r=LpSolit, a=LpSolit
2010-12-06Bug 617030 - Add an error code for json_rpc_invalid_callback, and fix theMax Kanat-Alexander2-1/+2
regex used by _bz_callback in Bugzilla::WebService::Server::JSONRPC to accept numbers other than 0 or 1. r=LpSolit, a=mkanat
2010-12-06Bug 542931: Bug in SOAP::Lite prevents WebService:XMLRPC logins from persistingFrédéric Buclin1-3/+3
r/a=mkanat
2010-12-06Bug 607138: Don't send the Strict-Transport-Security header for theMax Kanat-Alexander1-2/+6
attachment_base. r=LpSolit, a=LpSolit
2010-12-04Bug 529974: Let users with local editcomponents privs manage flags for ↵Frédéric Buclin2-23/+98
products they can administer a=LpSolit (module owner)
2010-11-15Bug 611891: Don't generate cookies for logins done over GET via the WebServiceMax Kanat-Alexander1-1/+6
r=glob, a=mkanat
2010-11-14Bug 611974: collectstats.pl --regenerate fails with PostgreSQL 8.4.x ↵Sam Morris1-1/+1
(sql_from_days() doesn't accept integers as argument) r/a=LpSolit
2010-11-14Bug 611979: Undefined subroutine &Bugzilla::Config::Advanced::check_multi ↵Frédéric Buclin1-0/+2
when enabling strict_transport_security r=glob a=LpSolit
2010-11-13Bug 611623: The alias is not filtered in QuickSearch when passed to show_bug.cgiFrédéric Buclin1-0/+1
r=glob a=LpSolit
2010-11-11Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of ↵Reed Loden1-3/+3
CGI.pm to v3.50 in order to address header injection vulnerability. [r=mkanat a=mkanat]
2010-11-04Bug 596611: Add a hook to email_in.plFrédéric Buclin1-0/+28
r/a=mkanat
2010-11-04Bug 485418: Code and template hooks for userprefs.cgi to be able to add ↵Frédéric Buclin1-0/+43
additional tabs r=mkanat a=LpSolit
2010-11-04Bug 605573: List all available WebService methods at the top of the PODFrédéric Buclin5-77/+35
r/a=mkanat
2010-11-04Bug 474766: The [details] string is duplicated when replying to a comment ↵Frédéric Buclin1-1/+1
containing a link to an attachment r/a=mkanat
2010-11-03Bug 607909: Hours worked / work_time is marked as changing when commenting ↵Christian Legnitto2-3/+7
even when you don't enter a value r/a=LpSolit
2010-11-03When inserting comments during Bug->update, make sure that the commentMax Kanat-Alexander1-0/+3
timestamp is identical to the timestamp passed in to update(). https://bugzilla.mozilla.org/show_bug.cgi?id=590334
2010-11-03The changes to bz_create_database done by the SQLite patch broke theMax Kanat-Alexander2-1/+10
creation of databases on other systems. This restores the original behavior while still retaining the correct error-throwing behavior for systems that can't create a SQLite database. https://bugzilla.mozilla.org/show_bug.cgi?id=337776
2010-11-03Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to ↵Byron Jones1-1/+2
non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit
2010-11-03Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, ↵Frédéric Buclin2-3/+17
and product names are viewable in graphs/ r=wurblzap a=LpSolit
2010-10-29Bug 602456: Make Search.pm not quote numeric input for numeric fieldsMax Kanat-Alexander4-20/+120
when generating SQL. r=glob, a=mkanat
2010-10-28Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5Frédéric Buclin4-6/+4
r=gerv a=LpSolit
2010-10-28Bug 585802: Change the cc/user autocomplete (and backend) usermatching to ↵Christian Legnitto2-5/+9
ignore spaces / search on space separated names r/a=mkanat