Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-02-22 | Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵ | Dave Lawrence | 1 | -0/+5 | |
API when using mod_perl r/a=LpSolit | |||||
2012-01-31 | (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵ | Frédéric Buclin | 1 | -0/+5 | |
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319 | |||||
2012-01-31 | Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵ | Frédéric Buclin | 1 | -3/+2 | |
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit | |||||
2012-01-06 | Bug 714664: The content of the "emailregexpdesc" parameter is not escaped ↵ | Frédéric Buclin | 1 | -1/+1 | |
when displayed to the user r=dkl a=LpSolit | |||||
2011-11-01 | Fix missing-space bugs in error messages. a=LpSolit. | Gervase Markham | 1 | -1/+1 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=698737 | |||||
2011-10-01 | Bug 582529: Ambiguous error message "You did not specify a file to attach" ↵ | Frédéric Buclin | 1 | -0/+4 | |
when deleting an existing attachment filename a=LpSolit | |||||
2011-08-16 | Bug 678844: When trying to edit a non-existent classification, the error ↵ | Frédéric Buclin | 1 | -2/+4 | |
message has missing words r=glob a=LpSolit | |||||
2011-08-10 | Bug 677187: If the attachment filename contains a newline, an error is ↵ | Frédéric Buclin | 1 | -2/+3 | |
thrown when trying to download the attachment r/a=mkanat | |||||
2011-08-04 | Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵ | Byron Jones | 1 | -0/+5 | |
XSS on this domain in IE 6-8 and Safari r/a=LpSolit | |||||
2011-08-04 | Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵ | Frédéric Buclin | 1 | -20/+8 | |
creating or editing a bug r=mkanat a=LpSolit | |||||
2011-08-01 | Bug 674574: When all components or versions are disabled, you cannot enter ↵ | Frédéric Buclin | 1 | -2/+2 | |
bugs into the product but it's listed in enter_bug.cgi anyway r=dkl a=LpSolit | |||||
2011-07-26 | Bug 674089: Add a new hook 'end_object_name' in user-error.html.tmpl template | Tiago Mello | 1 | -0/+1 | |
r/a=mkanat | |||||
2011-07-26 | Bug 674117: Add a new hook 'auth_failure_object' in user-error.html.tmpl ↵ | Tiago Mello | 1 | -0/+2 | |
template r/a=mkanat | |||||
2011-05-10 | Bug 28849: Block users from CCing other users if they do not have editbugs privs | Byron Jones | 1 | -0/+4 | |
r=LpSolit, a=LpSolit | |||||
2011-05-06 | Bug 653341: Bug.create() fails to error out if an invalid group is passed | Frédéric Buclin | 1 | -0/+7 | |
r/a=mkanat | |||||
2011-04-29 | Bug 653406: fix escaping of url vars in error messages | Byron Jones | 1 | -8/+8 | |
r=LpSolit, a=LpSolit | |||||
2011-04-28 | Bug 423612 - Allow editing extern_id for users from the admin interface | Jochen Wiedmann | 1 | -0/+8 | |
r=mkanat, a=mkanat | |||||
2011-03-03 | Bug 638489 - Make all boolean charts work with longdescs.isprivate | Max Kanat-Alexander | 1 | -0/+4 | |
r=mkanat, a=mkanat (module owner) | |||||
2011-02-16 | Bug 624522: Add support for SourceForge URLs in "see also" | Tiago Mello | 1 | -0/+1 | |
r/a=mkanat | |||||
2011-02-14 | Bug 621122: Add support for MantisBT URLs in "see also". | Reed Loden | 1 | -0/+1 | |
[r=timello a=mkanat] | |||||
2011-02-14 | Bug 543667: Add support for Trac URLs in "see also". | Matt Selsky | 1 | -0/+1 | |
2011-02-14 | Bug 558784: Add support for JIRA URLs in "see also". | Matt Selsky | 1 | -0/+1 | |
2011-01-30 | Bug 616185: Move tags (aka lists of bugs) to their own DB tables | Frédéric Buclin | 1 | -26/+7 | |
r/a=mkanat | |||||
2011-01-07 | Bug 558803: Add a parameter to specify the password complexity for new passwords | rojanu | 1 | -0/+17 | |
r/a=LpSolit | |||||
2010-12-13 | Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.update | Max Kanat-Alexander | 1 | -4/+4 | |
and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2 for details. r=LpSolit, a=LpSolit | |||||
2010-12-04 | Bug 529974: Let users with local editcomponents privs manage flags for ↵ | Frédéric Buclin | 1 | -0/+25 | |
products they can administer a=LpSolit (module owner) | |||||
2010-11-03 | Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, ↵ | Frédéric Buclin | 1 | -1/+1 | |
and product names are viewable in graphs/ r=wurblzap a=LpSolit | |||||
2010-10-22 | Remove unused error tag | Frédéric Buclin | 1 | -5/+0 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=523205 | |||||
2010-10-22 | Bug 523205: editflagtypes.cgi should use Bugzilla::FlagType methods to ↵ | Frédéric Buclin | 1 | -3/+4 | |
create and edit flag types a=LpSolit | |||||
2010-10-14 | Bug 575947: Users with passwords length less than 6 characters can't login ↵ | Frédéric Buclin | 1 | -0/+8 | |
after migration from 3.4.x or older to 3.6 or newer r/a=mkanat | |||||
2010-09-19 | Add a missing "FILTER html" in the bug_url_invalid error message. | Max Kanat-Alexander | 1 | -1/+1 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=577835 | |||||
2010-09-19 | Bug 593170: Disallow urls like "show_bug.cgi?id=2323" (with no domain) in | Max Kanat-Alexander | 1 | -0/+2 | |
the See Also field. r=timello, a=mkanat | |||||
2010-09-19 | Bug 577835: Improve the error message displayed when you put an invalid | Max Kanat-Alexander | 1 | -2/+8 | |
Bug URL into the See Also field. | |||||
2010-09-08 | Bug 271758: noresolveonopenblockers = on doesn't allow removing open ↵ | Frédéric Buclin | 1 | -25/+10 | |
blockers and resolve the bug in a single change r/a=mkanat | |||||
2010-09-02 | Fix bustage due to bug 549586 | Frédéric Buclin | 1 | -2/+2 | |
2010-09-02 | Bug 549586: Allow the See Also field to take an integer or a local | Tiago Mello | 1 | -0/+4 | |
bugzilla url and treat them as a link to the local Bugzilla. r/a=mkanat | |||||
2010-08-27 | Bug 479400: Add the ability to show or hide particular custom fields | Tiago Mello | 1 | -0/+5 | |
based on multiple values of another field (visibility controllers) r/a=mkanat | |||||
2010-08-24 | Bug 589860: Remove sidebar.cgi, because remote XUL support is going away in ↵ | Frédéric Buclin | 1 | -4/+0 | |
Gecko r/a=mkanat | |||||
2010-08-04 | Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending email | Frédéric Buclin | 1 | -0/+16 | |
r=glob a=LpSolit | |||||
2010-07-25 | Bug 581693: Missing whitespace for the auth_failure_action hook | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2010-07-23 | Bug 581326 – Misleading JSON error message. | Marc Schumann | 1 | -2/+2 | |
Patch by Marc Schumann <wurblzap@gmail.com>, r/a=mkanat | |||||
2010-07-23 | Bug 398701: Replace |FILTER url_quote| by |FILTER uri| | Frédéric Buclin | 1 | -11/+11 | |
r/a=mkanat | |||||
2010-07-18 | Bug 119703: Create an attachment by pasting it into a text field | Frédéric Buclin | 1 | -12/+2 | |
r/a=mkanat | |||||
2010-07-14 | The illegal_changed_in_x_days error message is no longer used. | Max Kanat-Alexander | 1 | -5/+0 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=578323 | |||||
2010-07-08 | Remove two errors that are no longer used, after the $$some_var refactor | Max Kanat-Alexander | 1 | -10/+0 | |
in Search.pm. https://bugzilla.mozilla.org/show_bug.cgi?id=574556 | |||||
2010-07-08 | Fix a template and POD bustage from the $$some_var Search.pm checkin. | Max Kanat-Alexander | 1 | -2/+2 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=574556 | |||||
2010-07-08 | Bug 574556: Refactor Search.pm so that we're not doing $$some_var everywhere. | Max Kanat-Alexander | 1 | -6/+16 | |
Instead, we pass around a hashref and update the hashref. This patch also includes some cleanup for bugs surrounding percentage_complete, attachments.isobsolete, attachments.ispatch, and owner_idle_time. r=mkanat, a=mkanat | |||||
2010-07-08 | Bug 490930: Always store attachments locally if they are over X size (and ↵ | Frédéric Buclin | 1 | -14/+6 | |
below some threshold!), don't ever display "Big File" checkbox r=mkanat a=LpSolit | |||||
2010-07-07 | Bug 519835: Remove Bugzilla::Product::check_product() in favor of ↵ | Frédéric Buclin | 1 | -13/+0 | |
Bugzilla::Product->check() r=mkanat a=LpSolit | |||||
2010-06-25 | Bug 573173: Make Bugzilla::Bug's add_group and remove_group take group | Max Kanat-Alexander | 1 | -4/+4 | |
names instead of ids r=dkl, a=mkanat |