bugzilla - Bugzilla

Age	Commit message (Collapse)	Author	Files	Lines
2011-01-24	Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵	Frédéric Buclin	3	-13/+8
	for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit
2011-01-24	Bug 619648: (CVE-2010-4570) [SECURITY] XSS via summary in "possible ↵	Reed Loden	1	-1/+2
	duplicates" table due to lack of encoding by YUI [r=mkanat a=LpSolit]
2011-01-24	Bug 621110: [SECURITY] Quips (adding/approving/deleting) lacks CSRF protection	Frédéric Buclin	1	-1/+6
	r=dkl a=LpSolit
2011-01-24	Bug 621108: [SECURITY] Creating/editing charts lacks CSRF protection	Frédéric Buclin	2	-0/+3
	r=dkl a=LpSolit
2011-01-24	Bug 621107: [SECURITY] Sanity checking lacks CSRF protection	Frédéric Buclin	1	-6/+12
	r=dkl a=LpSolit
2011-01-24	An optional module was accidentally listed in the "required" section of the	Max Kanat-Alexander	1	-2/+2
	release notes. https://bugzilla.mozilla.org/show_bug.cgi?id=627910
2011-01-24	Bug 627910: Update Release Notes for Bugzilla 4.0rc2	Max Kanat-Alexander	1	-6/+26
	r=reed
2011-01-22	Bug 621128 - Remove trailing whitespace from '<div id="view_disabled" >'	timeless	1	-1/+1
	[r=reed a=LpSolit]
2011-01-22	Bug 624696: We need a template hook to add a description to parameters added ↵	rojanu	1	-0/+1
	by extensions r/a=mkanat
2011-01-22	Bug 621109: Column changing lacks CSRF protection	Frédéric Buclin	1	-0/+5
	r=dkl a=mkanat
2011-01-21	Bug 627854: Add 'form' hook to create-guided.html.tmpl similar to ↵	David Lawrence	1	-0/+2
	create.html.tmpl r/a=mkanat
2011-01-21	Bug 627660 - Rename "Send" button on final create account page to "Create", ↵	Reed Loden	1	-1/+1
	as nothing is actually sent. [r=mkanat a=mkanat]
2011-01-21	Bug 626292: "Make description private" checkbox should set bz_private class ↵	David Lawrence	2	-3/+5
	on the comment box r/a=mkanat
2011-01-21	Bug 623608 - Add intro/outro extension hooks to footer.html.tmpl	David Lawrence	1	-2/+2
	r/a=mkanat
2011-01-21	Bug 626658 - Add (take) link to bug edit page to allow quick assigning to ↵	David Lawrence	1	-0/+10
	the current user r/a=mkanat
2011-01-09	Bug 618841: Bare word "bug" in release notes	A. Shimono	1	-3/+3
	r=dkl a=LpSolit
2011-01-07	Bug 558803: Add a parameter to specify the password complexity for new passwords	rojanu	2	-1/+30
	r/a=LpSolit
2011-01-07	Bug 255524: The duplicates table inherits no CSS classes when viewed in ↵	Frédéric Buclin	1	-0/+4
	simple format r=dkl a=LpSolit
2011-01-07	Bug 621090 - [SECURITY] Adding saved searches lacks CSRF protection	David Lawrence	2	-0/+2
	r/a=mkanat
2011-01-05	Allow extensions to add new Jobs. r,a=mkanat.	Gervase Markham	1	-1/+2
	https://bugzilla.mozilla.org/show_bug.cgi?id=617012
2011-01-05	Bug 622822 - add additional_links hook to front page. r,a=mkanat.	Gervase Markham	1	-0/+1

2011-01-04	Bug 595410: Make it faster to display a bug that has a lot of dependencies.	Max Kanat-Alexander	4	-56/+101
	r=LpSolit, a=LpSolit
2010-12-30	Bug 622105 - Misspelling in setting_info_invalid error message	David Lawrence	1	-1/+1
	r/a=LpSolit
2010-12-27	Bug 618844: Make clear that the Apache module must be enabled in release notes	A. Shimono (himorin)	1	-2/+2
	r/a=mkanat
2010-12-27	Bug 618842: Enclose checksetup.pl between <kbd> and </kbd> tags in templates	A. Shimono (himorin)	5	-15/+15
	r/a=mkanat
2010-12-27	Bug 599539: Update the mod_perl code for Apache2::SizeLimit 0.92	Max Kanat-Alexander	1	-2/+2
	r=glob, a=mkanat
2010-12-16	Bug 313583: Remove long_list.cgi, showattachment.cgi and xml.cgi.	Frédéric Buclin	1	-0/+4
	They are all deprecated since Bugzilla 2.19. r/a=mkanat
2010-12-13	Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.update	Max Kanat-Alexander	1	-4/+4
	and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2 for details. r=LpSolit, a=LpSolit
2010-12-04	Bug 529974: Let users with local editcomponents privs manage flags for ↵	Frédéric Buclin	3	-23/+71
	products they can administer a=LpSolit (module owner)
2010-12-03	Bug 607675: In Firefox, YAHOO.util.Event.addListener/on events no longer ↵	Guy Pyrzak	1	-3/+5
	exist after a user clicks back r:LpSolit, a:mkanat
2010-11-30	Fix typo	A. Shimono	1	-1/+1
	r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=615570
2010-11-21	Bug 386600: Implement auto-completion for the requestee field	Guy Pyrzak	3	-29/+26
	r/a=LpSolit
2010-11-14	Bug 610217: config.cgi?ctype=rdf should include product.allows_unconfirmed	Frank Becker	1	-0/+1
	r/a=mkanat
2010-11-11	Bug 591535: "Give me some help" link's iframe behavior is no longer necessary	Guy Pyrzak	1	-17/+4
	r=LpSolit r=mkanat a=mkanat
2010-11-04	Bug 485418: Code and template hooks for userprefs.cgi to be able to add ↵	Frédéric Buclin	1	-0/+2
	additional tabs r=mkanat a=LpSolit
2010-11-03	Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, ↵	Frédéric Buclin	2	-2/+2
	and product names are viewable in graphs/ r=wurblzap a=LpSolit
2010-11-02	Bug 607581: URLs in the See Also field are not linkified when the user is ↵	Frédéric Buclin	1	-0/+6
	logged out r=pyrzak a=LpSolit
2010-11-02	Bug 608375: The calendar widget is not available in the Time Summary page	Guy Pyrzak	1	-3/+19
	r=wicked a=mkanat
2010-11-01	Bug 607323: Be clearer in the release notes that a new Apache configuration	Max Kanat-Alexander	1	-8/+25
	is required r=LpSolit, a=mkanat
2010-10-30	Bug 608437: Unused variables passed to flag/list.html.tmpl	Frédéric Buclin	2	-5/+2
	a=LpSolit (module owner)
2010-10-29	Bug 600516: The "Content Type" and "Flags" sections are not displayed when ↵	Frédéric Buclin	1	-2/+2
	trying to add attachments on an existing bug and the user previously clicked "Hide Advanced Fields" in enter_bug.cgi a=LpSolit (module owner)
2010-10-28	Bug 607716: The attachment content is pasted into a comment when editing an ↵	Guy Pyrzak	2	-0/+6
	attachment with JS disabled r=LpSolit r=mkanat a=LpSolit
2010-10-27	Bug 337776: Basic SQLite Support for Bugzilla	Max Kanat-Alexander	1	-2/+4
	r=LpSolit, a=mkanat
2010-10-27	The browser-side comment-wrapping patch didn't actually make 4.0, so remove	Max Kanat-Alexander	1	-4/+0
	it from the release notes.
2010-10-27	Bug 551468: Stop word-wrapping comments on the server	Max Kanat-Alexander	7	-19/+10
	r=glob, a=mkanat
2010-10-26	Bug 607083: Improve the error message that install-module.pl prints when	Max Kanat-Alexander	1	-0/+1
	you specify an invalid CPAN module. r=mkanat, a=mkanat (module owner)
2010-10-25	Bug 451759: Hide "Add to footer" checkboxes when not sharing a saved searches	Frédéric Buclin	1	-8/+8
	r=pyrzak a=LpSolit
2010-10-24	Bug 606518: query.cgi#chart doesn't work anymore (again)	Guy Pyrzak	1	-1/+1
	r/a=LpSolit
2010-10-23	Bug 604256: Release Notes for Bugzilla 4.0rc1.	Max Kanat-Alexander	1	-21/+894
	r=LpSolit, a=mkanat
2010-10-23	Bug 593138: When confirming a CSRF violation (the confirm-action page),	Max Kanat-Alexander	1	-0/+1
	include an HTML comment describing the exact violation that occurred, so that screen-scrapers can know what violation they hit. r=mkanat, a=mkanat