summaryrefslogtreecommitdiffstats
path: root/template
AgeCommit message (Expand)AuthorFilesLines
2012-11-13Bug 790296 (CVE-2012-4189): [SECURITY] Field values are not escaped correctly...Frédéric Buclin1-1/+1
2012-11-13Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see a...Frédéric Buclin1-2/+1
2012-11-13Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses product...Frédéric Buclin2-9/+21
2012-11-03Back out the last checkin, it was already thereFrédéric Buclin1-3/+0
2012-11-03Bug 805647: One more item for the 4.2.4 release notesFrédéric Buclin1-0/+3
2012-10-26Bug 805647: Release notes for Bugzilla 4.2.4Frédéric Buclin1-3/+50
2012-10-11Bug 798994: Fix incorrect double escaping when displaying saved queries URLsSimon Green1-1/+1
2012-09-29Bug 793893: Tabular reports crash when no format parameter is definedFrédéric Buclin2-2/+1
2012-09-11Bug 790215 - Flag names are not properly escaped when displayed on confirm us...Reed Loden2-2/+1
2012-09-03Bug 786889: Add missing 'Summary (first 60 chars)' header to CSV outputMatt Tyson1-0/+1
2012-08-30Bug 786351: Release notes for Bugzilla 4.2.3Frédéric Buclin1-0/+41
2012-08-28Bug 772953: Remove the token from buglist urlsByron Jones1-2/+9
2012-08-27Bug 785917: Custom field descriptions are not properly escaped when displayed...Frédéric Buclin2-2/+1
2012-08-20Bug 698068: The "There is no saved search named ..." page has a "forget" linkFrédéric Buclin1-1/+1
2012-08-06Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized pass...Frédéric Buclin2-3/+5
2012-07-26Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information about...Frédéric Buclin1-10/+11
2012-07-26Bug 777555: Release notes for Bugzilla 4.2.2Frédéric Buclin1-0/+42
2012-07-26Backout bug 768573 to fix bustageFrédéric Buclin4-6/+6
2012-07-02Bug 553553 - We shouldn't be using terms.Bugzilla in the "please contribute" ...Matt Selsky1-5/+6
2012-06-29Bug 762783: Change dependent bugs to use POST when the url exceeds the url le...Simon Green1-5/+21
2012-06-26Bug 768573: Templates must INCLUDE bug/field.html.tmpl instead of PROCESS'ing itFrédéric Buclin4-6/+6
2012-06-07Bug 761230: The server push page no longer displays all debug dataFrédéric Buclin1-9/+4
2012-05-29Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized s...Reed Loden1-9/+14
2012-05-29Bug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized use...Reed Loden1-1/+2
2012-05-28Bug 756314: Fix dropping of unique matches when the "confirm page" page is di...Byron Jones1-4/+4
2012-05-28Bug 754981: Add a link pointing to the bug itself in HTML bugmails when only ...Koosha Khajeh Moogahi1-0/+1
2012-04-30Bug 749074: Throw an error message instead of syntax error on invalid search ...Byron Jones1-0/+4
2012-04-18Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits a...Frédéric Buclin1-37/+0
2012-04-17Bug 741078: Update relnotes for 4.2.1Frédéric Buclin1-3/+6
2012-04-17Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions ...Frédéric Buclin1-4/+2
2012-04-15Comment toggling text is not localizable because it's in a .js file.Marc Schumann1-1/+1
2012-04-14Change columns: empty buttons when images turned off.Marc Schumann1-10/+13
2012-04-12Bug 741078: Release notes for Bugzilla 4.2.1Frédéric Buclin1-2/+47
2012-04-11If you're not allowed to change status or resolution, their values are being ...Marc Schumann1-15/+24
2012-03-29Bug 554819: Quicksearch should be using Text::ParseWords instead of custom co...Frédéric Buclin2-8/+96
2012-03-28Bug 735821: Fix broken HTML code in bugmail.html.tmpl.Tiago Mello1-1/+1
2012-03-26Bug 734471 - Need new hook edituser search templateFrancisco Donalisio1-0/+3
2012-03-26Add hooks for alternative login methods. r,a=LpSolit.Gervase Markham2-0/+5
2012-03-17Fix bustage: Bugzilla -> terms.BugzillaFrédéric Buclin1-3/+3
2012-03-17Bug 736057: Add to the release notes that |FILTER url_quote| has been replace...Frédéric Buclin1-0/+3
2012-03-10Tabular reports' column headers do not use display_value.Marc Schumann1-1/+1
2012-03-06Fix bustageFrédéric Buclin1-1/+0
2012-03-06Bug 545610: Correctly parse CGI parameters, especially when using mod_perlFrédéric Buclin1-6/+7
2012-03-06Bug 731323: Wrong URLs in the "Total" row at the bottom of tabular reports wh...Frédéric Buclin1-0/+8
2012-03-03Bug 731586: Email notifications about status changes in blockers are incorrec...Frédéric Buclin2-11/+7
2012-02-28Bug 695514: Slow performance in field-events.js.tmpl on show_bug.cgi with lar...Frédéric Buclin3-3/+14
2012-02-25Bug 730552: HTML markup validation: unescaped "&" in CSV link on buglist.cgiFrédéric Buclin1-1/+1
2012-02-22Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API...Dave Lawrence1-0/+5
2012-02-20Bug 718283: Indentation and newlines in the "Descriptive text sent within whi...Matt Selsky1-2/+2
2012-02-08Bug 722161: Clickjacking is possible in "View All" with HTML attachmentsFrédéric Buclin1-4/+16