Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Add missing documentation. r=mkanat. | Gervase Markham | 2011-01-27 | 1 | -1/+3 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=629321 | |||||
* | Fix bustage; diffs is an arrayref in 4.0, an array on trunk. | Gervase Markham | 2011-01-27 | 1 | -1/+1 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=616422 | |||||
* | Update default column list to something more sensible. r=mkanat, lpsolit, ↵ | Gervase Markham | 2011-01-27 | 1 | -2/+2 | |
| | | | | | wurblzap. https://bugzilla.mozilla.org/show_bug.cgi?id=621676 | |||||
* | Add diffs parameter to bugmail_recipients hook. r=mkanat. | Gervase Markham | 2011-01-27 | 2 | -2/+11 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=616422 | |||||
* | Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness of | Max Kanat-Alexander | 2011-01-24 | 3 | -3/+25 | |
| | | | | | | | generate_random_password, to protect against an account compromise issue and other critical vulnerabilities. r=LpSolit, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=621591 | |||||
* | Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵ | Frédéric Buclin | 2011-01-24 | 1 | -6/+21 | |
| | | | | | | | | | | for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit | |||||
* | Bug 625741: Need a hook in update_fielddefs_definition to enable adding ↵ | rojanu | 2011-01-23 | 2 | -0/+11 | |
| | | | | | | columns to fielddefs r/a=mkanat | |||||
* | Bug 591165: (CVE-2010-4411) [SECURITY] Bump minimum required version of ↵ | Reed Loden | 2011-01-21 | 1 | -2/+2 | |
| | | | | | | CGI.pm to v3.51 in order to address header injection vulnerability. [r=mkanat a=mkanat] | |||||
* | Bug 625190: Typo and Missing FK in Bugzilla::DB::Schema | David Marshall | 2011-01-15 | 1 | -3/+6 | |
| | | | | r/a=mkanat | |||||
* | Bug 623408: Message-ID is gone in bugmail for new bugs | Frédéric Buclin | 2011-01-15 | 1 | -2/+3 | |
| | | | | r=dkl a=LpSolit | |||||
* | Bug 624349: Let the config_modify_panels hook add new parameters to existing ↵ | Frédéric Buclin | 2011-01-11 | 1 | -11/+10 | |
| | | | | | | panels r/a=mkanat | |||||
* | Bug 622204: Bugzilla::Migrate crashes trying to create bugs with resolutions | 2011-01-09 | 1 | -1/+1 | ||
| | | | | r/a=mkanat | |||||
* | Bug 558803: Add a parameter to specify the password complexity for new passwords | rojanu | 2011-01-07 | 2 | -0/+22 | |
| | | | | r/a=LpSolit | |||||
* | Provide user objects to bugmail_recipients hook. r,a=mkanat. | Gervase Markham | 2011-01-07 | 2 | -1/+15 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=622813 | |||||
* | Document how to add user settings. r,a=mkanat. | Gervase Markham | 2011-01-05 | 1 | -1/+2 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=616427 | |||||
* | Allow extensions to add new Jobs. r,a=mkanat. | Gervase Markham | 2011-01-05 | 3 | -2/+29 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=617012 | |||||
* | Bug 595410: Make it faster to display a bug that has a lot of dependencies. | Max Kanat-Alexander | 2011-01-03 | 3 | -41/+64 | |
| | | | | r=LpSolit, a=LpSolit | |||||
* | Remove unused variable, per my review comment | Frédéric Buclin | 2010-12-28 | 1 | -1/+0 | |
| | | | https://bugzilla.mozilla.org/show_bug.cgi?id=615574 | |||||
* | Bug 599539: Update the mod_perl code for Apache2::SizeLimit 0.92 | Max Kanat-Alexander | 2010-12-27 | 1 | -0/+18 | |
| | | | | r=glob, a=mkanat | |||||
* | Bug 615574: Make every search done by buglist.cgi create a list_id, so that | Max Kanat-Alexander | 2010-12-27 | 3 | -2/+60 | |
| | | | | | even Saved Searches get "last list" support. r=LpSolit, a=LpSolit | |||||
* | Bug 588013: Fix typo | timeless | 2010-12-27 | 1 | -1/+1 | |
| | | | | r/a=mkanat | |||||
* | Add contributor lines for mkanat and myself for the new BugUrl modules. | Reed Loden | 2010-12-23 | 5 | -5/+9 | |
| | | | | | Add missing period in original developer line in license block. [a=mkanat] | |||||
* | Bug 620796: Make Bugzilla::Migrate skip abnormal fields when doing | Max Kanat-Alexander | 2010-12-21 | 1 | -0/+2 | |
| | | | | | | create_legal_values (otherwise it tried to create Components there, when it should not have). r=mkanat, a=mkanat (module owner) | |||||
* | Bug 593539: Fix the bugs activity for the see_also field. | Tiago Mello | 2010-12-21 | 1 | -1/+2 | |
| | | | | r/a=mkanat | |||||
* | Bug 593539: Refactor See Also to use separate modules for each type of URL | Tiago Mello | 2010-12-20 | 8 | -160/+558 | |
| | | | | r/a=mkanat | |||||
* | Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect ↵ | Reed Loden | 2010-12-18 | 1 | -0/+6 | |
| | | | | | | against clickjacking. [r=mkanat a=mkanat] | |||||
* | Bug 619581: Make contrib/bzdbcopy.pl work again, and also make it work with | Max Kanat-Alexander | 2010-12-15 | 1 | -1/+15 | |
| | | | | | SQLite. r=mkanat, a=mkanat | |||||
* | Checkin fix for bug 619016: "DEFAULT TRUE" and "DEFAULT FALSE" were no longer | Max Kanat-Alexander | 2010-12-15 | 1 | -7/+11 | |
| | | | | | getting properly translated to 1 and 0 inside of _set_nulls_sql in Bugzilla::DB::Schema. | |||||
* | Additional fix for bug 619016: The FK adding/removing code for SQLite didn't | Max Kanat-Alexander | 2010-12-15 | 1 | -9/+26 | |
| | | | | | | work when it was modifying tables to have their first FK or removing all the FKs on a table. r=mkanat, a=mkanat (module owner) | |||||
* | Bug 619016: Make SQLite installations able to alter an existing schema, | Max Kanat-Alexander | 2010-12-15 | 2 | -20/+218 | |
| | | | | | meaning that SQLite installations can now upgrade and add custom fields. r=mkanat, a=mkanat (module owner) | |||||
* | Bug 619466: Make searching by work_time search the total time on the bug | Max Kanat-Alexander | 2010-12-15 | 1 | -5/+2 | |
| | | | | | instead of searching the time on individual comments. r=mkanat, a=mkanat (module owner) | |||||
* | Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.update | Max Kanat-Alexander | 2010-12-13 | 6 | -37/+188 | |
| | | | | | | and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2 for details. r=LpSolit, a=LpSolit | |||||
* | Bug 617030 - Add an error code for json_rpc_invalid_callback, and fix the | Max Kanat-Alexander | 2010-12-06 | 2 | -1/+2 | |
| | | | | | | regex used by _bz_callback in Bugzilla::WebService::Server::JSONRPC to accept numbers other than 0 or 1. r=LpSolit, a=mkanat | |||||
* | Bug 542931: Bug in SOAP::Lite prevents WebService:XMLRPC logins from persisting | Frédéric Buclin | 2010-12-06 | 1 | -3/+3 | |
| | | | | r/a=mkanat | |||||
* | Bug 607138: Don't send the Strict-Transport-Security header for the | Max Kanat-Alexander | 2010-12-06 | 1 | -2/+6 | |
| | | | | | attachment_base. r=LpSolit, a=LpSolit | |||||
* | Bug 529974: Let users with local editcomponents privs manage flags for ↵ | Frédéric Buclin | 2010-12-04 | 2 | -23/+98 | |
| | | | | | | products they can administer a=LpSolit (module owner) | |||||
* | Bug 611891: Don't generate cookies for logins done over GET via the WebService | Max Kanat-Alexander | 2010-11-14 | 1 | -1/+6 | |
| | | | | r=glob, a=mkanat | |||||
* | Bug 611974: collectstats.pl --regenerate fails with PostgreSQL 8.4.x ↵ | Sam Morris | 2010-11-14 | 1 | -1/+1 | |
| | | | | | | (sql_from_days() doesn't accept integers as argument) r/a=LpSolit | |||||
* | Bug 611979: Undefined subroutine &Bugzilla::Config::Advanced::check_multi ↵ | Frédéric Buclin | 2010-11-14 | 1 | -0/+2 | |
| | | | | | | when enabling strict_transport_security r=glob a=LpSolit | |||||
* | Bug 611623: The alias is not filtered in QuickSearch when passed to show_bug.cgi | Frédéric Buclin | 2010-11-13 | 1 | -0/+1 | |
| | | | | r=glob a=LpSolit | |||||
* | Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of ↵ | Reed Loden | 2010-11-10 | 1 | -3/+3 | |
| | | | | | | CGI.pm to v3.50 in order to address header injection vulnerability. [r=mkanat a=mkanat] | |||||
* | Bug 596611: Add a hook to email_in.pl | Frédéric Buclin | 2010-11-04 | 1 | -0/+28 | |
| | | | | r/a=mkanat | |||||
* | Bug 485418: Code and template hooks for userprefs.cgi to be able to add ↵ | Frédéric Buclin | 2010-11-04 | 1 | -0/+43 | |
| | | | | | | additional tabs r=mkanat a=LpSolit | |||||
* | Bug 605573: List all available WebService methods at the top of the POD | Frédéric Buclin | 2010-11-04 | 5 | -77/+35 | |
| | | | | r/a=mkanat | |||||
* | Bug 474766: The [details] string is duplicated when replying to a comment ↵ | Frédéric Buclin | 2010-11-04 | 1 | -1/+1 | |
| | | | | | | containing a link to an attachment r/a=mkanat | |||||
* | Bug 607909: Hours worked / work_time is marked as changing when commenting ↵ | Christian Legnitto | 2010-11-03 | 2 | -3/+7 | |
| | | | | | | even when you don't enter a value r/a=LpSolit | |||||
* | When inserting comments during Bug->update, make sure that the comment | Max Kanat-Alexander | 2010-11-02 | 1 | -0/+3 | |
| | | | | | timestamp is identical to the timestamp passed in to update(). https://bugzilla.mozilla.org/show_bug.cgi?id=590334 | |||||
* | The changes to bz_create_database done by the SQLite patch broke the | Max Kanat-Alexander | 2010-11-02 | 2 | -1/+10 | |
| | | | | | | | creation of databases on other systems. This restores the original behavior while still retaining the correct error-throwing behavior for systems that can't create a SQLite database. https://bugzilla.mozilla.org/show_bug.cgi?id=337776 | |||||
* | Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to ↵ | Byron Jones | 2010-11-03 | 1 | -1/+2 | |
| | | | | | | non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit | |||||
* | Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, ↵ | Frédéric Buclin | 2010-11-03 | 2 | -3/+17 | |
| | | | | | | and product names are viewable in graphs/ r=wurblzap a=LpSolit |