Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-01-31 | (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵ | Frédéric Buclin | 1 | -0/+5 | |
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319 | |||||
2012-01-31 | Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵ | Frédéric Buclin | 2 | -5/+3 | |
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit | |||||
2012-01-27 | Bug 720756 - Update release notes for Bugzilla 4.2rc2 | Dave Lawrence | 1 | -4/+8 | |
r/a=LpSolit | |||||
2012-01-26 | Fix bustage due to bug 715514. | Tiago Mello | 1 | -1/+1 | |
2012-01-25 | Bug 715514: Fix showdependencytree misleading in "hide resolved" view | Matt Selsky | 1 | -2/+2 | |
r=timello, a=LpSolit | |||||
2012-01-12 | Bug 717215: Remove references to url_quote filter | Simon Green | 2 | -5/+1 | |
r/a=LpSolit | |||||
2012-01-11 | Bug 717210: If all attachments are stored locally (maxattachmentsize = 0, ↵ | Simon Green | 2 | -3/+3 | |
maxlocalattachment > 0), the link to attach files to bugs is not displayed r/a=LpSolit | |||||
2012-01-11 | Bug 715650 - User auto-completion does not work in request.cgi for requester ↵ | Dave Lawrence | 1 | -1/+2 | |
and requestee as expected r=timello, a=LpSolit | |||||
2012-01-11 | Bug 716227: When checksetup.pl tells the admin that he should edit variables ↵ | Frédéric Buclin | 1 | -6/+8 | |
in localconfig, the message should be red r=timello a=LpSolit | |||||
2012-01-10 | Bug 716283: Clickjacking in the attachment "Details" page allows to bypass ↵ | Frédéric Buclin | 2 | -0/+13 | |
token checks r=dkl a=LpSolit | |||||
2012-01-06 | Bug 706753 about JSON::RPC 1.01 is now fixed | Frédéric Buclin | 1 | -4/+0 | |
2012-01-06 | Bug 695294: The See Also field is not visible in "Format for Printing" | Matt Selsky | 1 | -0/+12 | |
r/a=LpSolit | |||||
2012-01-06 | Bug 715705: User auto-completion doesn't work for watched users in the email ↵ | Frédéric Buclin | 1 | -1/+2 | |
prefs tab r=timello a=LpSolit | |||||
2012-01-06 | Bug 714664: The content of the "emailregexpdesc" parameter is not escaped ↵ | Frédéric Buclin | 2 | -2/+2 | |
when displayed to the user r=dkl a=LpSolit | |||||
2011-12-28 | user_autocompletion -> ajax_user_autocompletion | Frédéric Buclin | 1 | -1/+1 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=713346 | |||||
2011-12-28 | Bug 713346: Release notes for Bugzilla 4.2rc1 | Frédéric Buclin | 2 | -3418/+4037 | |
r=mkanat a=LpSolit | |||||
2011-12-26 | Bug 683644: Foreign keys aren't renamed correctly when DB tables are renamed | Frédéric Buclin | 1 | -1/+1 | |
r=wicked a=LpSolit | |||||
2011-12-13 | Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible ↵ | Reed Loden | 1 | -0/+1 | |
unauthorized account creation e-mail request [r=mkanat a=mkanat] | |||||
2011-12-05 | Bug 577854: URL field header caption does not link to field value ↵ | Matt Selsky | 2 | -10/+7 | |
description (confusingly links to actual URL) r/a=mkanat | |||||
2011-11-29 | Bug 692737 - Main page icons are not centered. | Marc Schumann | 1 | -16/+24 | |
r/a=mkanat | |||||
2011-11-29 | Bug 686422: Fix custom search's history interaction on HTML4 browsers | Byron Jones | 1 | -1/+5 | |
r=mkanat, a=mkanat | |||||
2011-11-28 | Bug 705393: Improve the error message thrown by Update.pm when ↵ | Frédéric Buclin | 1 | -5/+11 | |
updates.bugzilla.org is unavailable r=glob a=LpSolit | |||||
2011-11-26 | Bug 255606: Do not let buglist.cgi return all bugs by default | Frédéric Buclin | 3 | -4/+13 | |
r/a=mkanat | |||||
2011-11-22 | Bug 703975: CSRF vulnerability in post_bug.cgi allows possible unauthorized ↵ | Frédéric Buclin | 1 | -57/+0 | |
bug creation r=mkanat a=LpSolit | |||||
2011-11-21 | Bug 703983 - CSRF vulnerability in attachment.cgi allows possible ↵ | Reed Loden | 1 | -48/+0 | |
unauthorized attachment creation [r=LpSolit a=LpSolit] | |||||
2011-11-18 | Fix bustage due to bug 643411. | Tiago Mello | 1 | -2/+2 | |
2011-11-18 | Bug 643411: New default bug limit makes time summary results confusing | Tiago Mello | 1 | -0/+9 | |
r/a=mkanat | |||||
2011-11-01 | Fix missing-space bugs in error messages. a=LpSolit. | Gervase Markham | 3 | -6/+6 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=698737 | |||||
2011-10-24 | Bug 685552 - Email auto-completion causes server to thrash | David Lawrence | 2 | -2/+5 | |
r/a=mkanat | |||||
2011-10-23 | Bug 690173: Cannot delete user accounts due to FK on audit_log | miketosh | 1 | -1/+10 | |
r/a=mkanat | |||||
2011-10-15 | Bug 674416: Custom searches in query.cgi are lost when clicking the "Back" ↵ | Max Kanat-Alexander | 1 | -1/+4 | |
button in Firefox when viewing a buglist r=glob a=mkanat | |||||
2011-10-15 | Bug 691697: There is no link pointing to the new bug in HTML bugmails | Frédéric Buclin | 1 | -1/+7 | |
r=pyrzak a=LpSolit | |||||
2011-10-03 | Bug 615636: Labels are badly aligned when editing versions and milestones in ↵ | Matt Selsky | 4 | -15/+14 | |
admin pages r/a=LpSolit | |||||
2011-10-01 | Bug 582529: Ambiguous error message "You did not specify a file to attach" ↵ | Frédéric Buclin | 1 | -0/+4 | |
when deleting an existing attachment filename a=LpSolit | |||||
2011-09-29 | Bug 686786: Decreasing votestoconfirm in editproducts.cgi crashes Bugzilla | Frédéric Buclin | 1 | -4/+4 | |
r/a=mkanat | |||||
2011-09-13 | Bug 685316: Change Simple Search template to use field_descs for Status | Tiago Mello | 1 | -2/+2 | |
Product. r/a=mkanat | |||||
2011-09-12 | Bug 686246: When editing the inclusion and exclusion lists of a flagtype, ↵ | Frédéric Buclin | 1 | -1/+1 | |
empty grant and request groups are replaced by "" instead of "(no group)" in the drop-down menu a=LpSolit | |||||
2011-09-07 | Fix bustage due to bug 604237 | Frédéric Buclin | 1 | -2/+2 | |
2011-09-07 | Bug 604237 - Clean up the format of HTML Emails | Guy Pyrzak | 1 | -20/+21 | |
r=mkanat, a=mkanat | |||||
2011-08-30 | Bug 680780: Advanced Search: help for field Comment is missing a space | Frédéric Buclin | 1 | -1/+1 | |
r=wicked a=LpSolit | |||||
2011-08-29 | Bug 637648 - Rename the "tags" table to "tag" | Stephanie Daugherty | 1 | -1/+1 | |
r=LpSolit, a=LpSolit | |||||
2011-08-16 | Bug 679449: Add a link to duplicates.cgi from report.cgi | Frédéric Buclin | 1 | -0/+4 | |
r=dkl a=LpSolit | |||||
2011-08-16 | Bug 678844: When trying to edit a non-existent classification, the error ↵ | Frédéric Buclin | 1 | -2/+4 | |
message has missing words r=glob a=LpSolit | |||||
2011-08-16 | Bug 460074: Make post_bug.cgi use should_set for array fields, so they | Max Kanat-Alexander | 1 | -0/+1 | |
are undef in Bugzilla::Bug->create if not passed to post_bug. This fixes a bug with the guided bug form creating bugs without any groups. r=LpSolit, a=mkanat | |||||
2011-08-15 | Bug 537759: The "Description" field for attachments should be highlighted as ↵ | Kent Rogers | 1 | -2/+3 | |
being mandatory r/a=LpSolit | |||||
2011-08-10 | Bug 677187: If the attachment filename contains a newline, an error is ↵ | Frédéric Buclin | 1 | -2/+3 | |
thrown when trying to download the attachment r/a=mkanat | |||||
2011-08-04 | Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵ | Byron Jones | 1 | -0/+5 | |
XSS on this domain in IE 6-8 and Safari r/a=LpSolit | |||||
2011-08-04 | Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵ | Frédéric Buclin | 1 | -20/+8 | |
creating or editing a bug r=mkanat a=LpSolit | |||||
2011-08-04 | Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment ↵ | Reed Loden | 1 | -1/+1 | |
containing newline are corrupt [r=LpSolit a=LpSolit] | |||||
2011-08-04 | Fix bustage due to bug 660382 | Frédéric Buclin | 1 | -4/+0 | |