Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-11-13 | Bug 790296 (CVE-2012-4189): [SECURITY] Field values are not escaped ↵ | Frédéric Buclin | 1 | -1/+1 | |
correctly in tabular reports r=dkl a=LpSolit | |||||
2012-11-13 | Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see ↵ | Frédéric Buclin | 1 | -2/+1 | |
as obsolete can disclose its description r=gerv a=LpSolit | |||||
2012-11-13 | Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses ↵ | Frédéric Buclin | 2 | -9/+21 | |
product and component names that the user is not allowed to see r=dkl a=LpSolit | |||||
2012-11-03 | Back out the last checkin, it was already there | Frédéric Buclin | 1 | -3/+0 | |
2012-11-03 | Bug 805647: One more item for the 4.2.4 release notes | Frédéric Buclin | 1 | -0/+3 | |
2012-10-26 | Bug 805647: Release notes for Bugzilla 4.2.4 | Frédéric Buclin | 1 | -3/+50 | |
r=dkl | |||||
2012-10-11 | Bug 798994: Fix incorrect double escaping when displaying saved queries URLs | Simon Green | 1 | -1/+1 | |
r=glob, a=LpSolit | |||||
2012-09-29 | Bug 793893: Tabular reports crash when no format parameter is defined | Frédéric Buclin | 2 | -2/+1 | |
r=glob a=LpSolit | |||||
2012-09-11 | Bug 790215 - Flag names are not properly escaped when displayed on confirm ↵ | Reed Loden | 2 | -2/+1 | |
user match page [r=LpSolit a=LpSolit] | |||||
2012-09-03 | Bug 786889: Add missing 'Summary (first 60 chars)' header to CSV output | Matt Tyson | 1 | -0/+1 | |
r=glob, a=LpSolit | |||||
2012-08-30 | Bug 786351: Release notes for Bugzilla 4.2.3 | Frédéric Buclin | 1 | -0/+41 | |
r=dkl a=LpSolit | |||||
2012-08-28 | Bug 772953: Remove the token from buglist urls | Byron Jones | 1 | -2/+9 | |
r=dkl, a=LpSolit | |||||
2012-08-27 | Bug 785917: Custom field descriptions are not properly escaped when ↵ | Frédéric Buclin | 2 | -2/+1 | |
displayed as bug list column headers r=glob a=LpSolit | |||||
2012-08-20 | Bug 698068: The "There is no saved search named ..." page has a "forget" link | Frédéric Buclin | 1 | -1/+1 | |
r=glob a=LpSolit | |||||
2012-08-06 | Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized ↵ | Frédéric Buclin | 2 | -3/+5 | |
password reset e-mail request r=reed a=LpSolit | |||||
2012-07-26 | Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information ↵ | Frédéric Buclin | 1 | -10/+11 | |
about restricted bugs r=glob a=LpSolit | |||||
2012-07-26 | Bug 777555: Release notes for Bugzilla 4.2.2 | Frédéric Buclin | 1 | -0/+42 | |
r=dkl a=LpSolit | |||||
2012-07-26 | Backout bug 768573 to fix bustage | Frédéric Buclin | 4 | -6/+6 | |
2012-07-02 | Bug 553553 - We shouldn't be using terms.Bugzilla in the "please contribute" ↵ | Matt Selsky | 1 | -5/+6 | |
message. r=Wurblzap, a=LpSolit | |||||
2012-06-29 | Bug 762783: Change dependent bugs to use POST when the url exceeds the url ↵ | Simon Green | 1 | -5/+21 | |
length limit r=glob, a=LpSolit | |||||
2012-06-26 | Bug 768573: Templates must INCLUDE bug/field.html.tmpl instead of PROCESS'ing it | Frédéric Buclin | 4 | -6/+6 | |
r=glob a=LpSolit | |||||
2012-06-07 | Bug 761230: The server push page no longer displays all debug data | Frédéric Buclin | 1 | -9/+4 | |
r=timello a=LpSolit | |||||
2012-05-29 | Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized ↵ | Reed Loden | 1 | -9/+14 | |
setting of default search options [r=LpSolit a=LpSolit] | |||||
2012-05-29 | Bug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized ↵ | Reed Loden | 1 | -1/+2 | |
use of "Set my default search back to the system default" [r=LpSolit a=LpSolit] | |||||
2012-05-28 | Bug 756314: Fix dropping of unique matches when the "confirm page" page is ↵ | Byron Jones | 1 | -4/+4 | |
display. r=LpSolit, a=LpSolit | |||||
2012-05-28 | Bug 754981: Add a link pointing to the bug itself in HTML bugmails when only ↵ | Koosha Khajeh Moogahi | 1 | -0/+1 | |
a comment is added r/a=LpSolit | |||||
2012-04-30 | Bug 749074: Throw an error message instead of syntax error on invalid search ↵ | Byron Jones | 1 | -0/+4 | |
type operators r=LpSolit,a=LpSolit | |||||
2012-04-18 | Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits ↵ | Frédéric Buclin | 1 | -37/+0 | |
attackers to access all bugs that the victim can see r=glob a=LpSolit | |||||
2012-04-17 | Bug 741078: Update relnotes for 4.2.1 | Frédéric Buclin | 1 | -3/+6 | |
2012-04-17 | Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions ↵ | Frédéric Buclin | 1 | -4/+2 | |
can control the way to throw errors r=dkl a=LpSolit | |||||
2012-04-15 | Comment toggling text is not localizable because it's in a .js file. | Marc Schumann | 1 | -1/+1 | |
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=745460 | |||||
2012-04-14 | Change columns: empty buttons when images turned off. | Marc Schumann | 1 | -10/+13 | |
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=474747 | |||||
2012-04-12 | Bug 741078: Release notes for Bugzilla 4.2.1 | Frédéric Buclin | 1 | -2/+47 | |
r=dkl | |||||
2012-04-11 | If you're not allowed to change status or resolution, their values are being ↵ | Marc Schumann | 1 | -15/+24 | |
displayed unlocalized. r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=740879 | |||||
2012-03-29 | Bug 554819: Quicksearch should be using Text::ParseWords instead of custom ↵ | Frédéric Buclin | 2 | -8/+96 | |
code in splitString Also fixes QS with accented characters (bug 730207) r=dkl a=LpSolit | |||||
2012-03-28 | Bug 735821: Fix broken HTML code in bugmail.html.tmpl. | Tiago Mello | 1 | -1/+1 | |
r/a=LpSolit | |||||
2012-03-26 | Bug 734471 - Need new hook edituser search template | Francisco Donalisio | 1 | -0/+3 | |
r=timello, a=LpSolit | |||||
2012-03-26 | Add hooks for alternative login methods. r,a=LpSolit. | Gervase Markham | 2 | -0/+5 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=698418 | |||||
2012-03-17 | Fix bustage: Bugzilla -> terms.Bugzilla | Frédéric Buclin | 1 | -3/+3 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=736057 | |||||
2012-03-17 | Bug 736057: Add to the release notes that |FILTER url_quote| has been ↵ | Frédéric Buclin | 1 | -0/+3 | |
replaced by |FILTER uri| r=dkl a=LpSolit | |||||
2012-03-10 | Tabular reports' column headers do not use display_value. | Marc Schumann | 1 | -1/+1 | |
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=734413 | |||||
2012-03-06 | Fix bustage | Frédéric Buclin | 1 | -1/+0 | |
2012-03-06 | Bug 545610: Correctly parse CGI parameters, especially when using mod_perl | Frédéric Buclin | 1 | -6/+7 | |
r=gerv a=LpSolit | |||||
2012-03-06 | Bug 731323: Wrong URLs in the "Total" row at the bottom of tabular reports ↵ | Frédéric Buclin | 1 | -0/+8 | |
when JS is enabled and a user field is used for the vertical axis r=gerv a=LpSolit | |||||
2012-03-03 | Bug 731586: Email notifications about status changes in blockers are ↵ | Frédéric Buclin | 2 | -11/+7 | |
incorrectly formatted r=dkl a=LpSolit | |||||
2012-02-28 | Bug 695514: Slow performance in field-events.js.tmpl on show_bug.cgi with ↵ | Frédéric Buclin | 3 | -3/+14 | |
large number of products r=dkl a=LpSolit | |||||
2012-02-25 | Bug 730552: HTML markup validation: unescaped "&" in CSV link on buglist.cgi | Frédéric Buclin | 1 | -1/+1 | |
r=timello a=LpSolit | |||||
2012-02-22 | Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵ | Dave Lawrence | 1 | -0/+5 | |
API when using mod_perl r/a=LpSolit | |||||
2012-02-20 | Bug 718283: Indentation and newlines in the "Descriptive text sent within ↵ | Matt Selsky | 1 | -2/+2 | |
whine message" are ignored in HTML whinemail r/a=LpSolit | |||||
2012-02-08 | Bug 722161: Clickjacking is possible in "View All" with HTML attachments | Frédéric Buclin | 1 | -4/+16 | |
r=dkl a=LpSolit |