]>
git.ipfire.org Git - thirdparty/bugzilla.git/log
Max Kanat-Alexander [Thu, 3 Feb 2011 21:36:24 +0000 (13:36 -0800)]
Bug 630750: Don't let "." and "lib" get into @INC when running under
Max Kanat-Alexander [Wed, 2 Feb 2011 08:53:25 +0000 (00:53 -0800)]
Bug 630681: Implement a MOD function for SQLite so collectstats.pl can run
David Lawrence [Tue, 1 Feb 2011 16:00:46 +0000 (11:00 -0500)]
Bug 461014 - How to create a private attachment in enter_bug.cgi not obvious
Max Kanat-Alexander [Mon, 31 Jan 2011 23:16:32 +0000 (15:16 -0800)]
Redesign the Install::DB code for migrating queries to tags, including adding
Graeme Coates [Mon, 31 Jan 2011 22:46:15 +0000 (23:46 +0100)]
Bug 629007: Example in quicksearch priority shortcut is incorrect
Frédéric Buclin [Sun, 30 Jan 2011 19:05:40 +0000 (20:05 +0100)]
Another bustage fix for bug 616185: in some cases, the columnlist parameter was appended to the list of bugs
Frédéric Buclin [Sun, 30 Jan 2011 12:56:07 +0000 (13:56 +0100)]
Typo :(
Frédéric Buclin [Sun, 30 Jan 2011 12:44:46 +0000 (13:44 +0100)]
Fix bustage for bug 616185: commas are encoded as %2C in Bugzilla 3.x, but not in 2.22
Frédéric Buclin [Sun, 30 Jan 2011 12:07:59 +0000 (13:07 +0100)]
Bug 616185: Move tags (aka lists of bugs) to their own DB tables
David Lawrence [Fri, 28 Jan 2011 16:30:29 +0000 (11:30 -0500)]
Bug 622080 - Change group which can moderate quips
David Lawrence [Thu, 27 Jan 2011 21:49:58 +0000 (16:49 -0500)]
Bug 622679 - Autocomplete suggests inactive/disabled accounts as matches
Gervase Markham [Thu, 27 Jan 2011 12:55:58 +0000 (12:55 +0000)]
Allow extensions to alter quicksearch terms and search format. r=mkanat.
Gervase Markham [Thu, 27 Jan 2011 12:42:01 +0000 (12:42 +0000)]
Allow jobqueue.pl to run once and then exit. r=mkanat.
Gervase Markham [Thu, 27 Jan 2011 11:59:40 +0000 (11:59 +0000)]
Add missing documentation. r=mkanat.
Gervase Markham [Thu, 27 Jan 2011 11:58:28 +0000 (11:58 +0000)]
Allow addition/removal of descriptions of statuses and resolutions. r=mkanat.
Gervase Markham [Thu, 27 Jan 2011 11:10:27 +0000 (11:10 +0000)]
Fix bustage; diffs is an arrayref in 4.0, an array on trunk.
Gervase Markham [Thu, 27 Jan 2011 10:39:32 +0000 (10:39 +0000)]
Update default column list to something more sensible. r=mkanat, lpsolit, wurblzap.
Gervase Markham [Thu, 27 Jan 2011 10:35:32 +0000 (10:35 +0000)]
Add diffs parameter to bugmail_recipients hook. r=mkanat.
Gervase Markham [Tue, 25 Jan 2011 17:22:50 +0000 (17:22 +0000)]
Make param pages without a sortkey sort to the end. r=dkl, a=lpsolit.
Max Kanat-Alexander [Mon, 24 Jan 2011 21:43:38 +0000 (13:43 -0800)]
Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness of
David Lawrence [Mon, 24 Jan 2011 19:35:31 +0000 (14:35 -0500)]
Bug 621105 - [SECURITY] Voting lacks CSRF protection
Frédéric Buclin [Mon, 24 Jan 2011 18:29:39 +0000 (19:29 +0100)]
Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace
Reed Loden [Mon, 24 Jan 2011 18:12:00 +0000 (10:12 -0800)]
Bug 621572: (CVE-2010-4572) [SECURITY] chart.cgi vulnerable to header-injection due to use of |print "Location:"| instead of $cgi->redirect
Reed Loden [Mon, 24 Jan 2011 18:08:37 +0000 (10:08 -0800)]
Bug 619648: (CVE-2010-4570) [SECURITY] XSS via summary in "possible duplicates" table due to lack of encoding by YUI
Reed Loden [Mon, 24 Jan 2011 18:05:09 +0000 (10:05 -0800)]
Bug 619637: (CVE-2010-4569) [SECURITY] XSS in user autocomplete due to lack of encoding by YUI
Frédéric Buclin [Mon, 24 Jan 2011 17:23:39 +0000 (18:23 +0100)]
Bug 621110: [SECURITY] Quips (adding/approving/deleting) lacks CSRF protection
Frédéric Buclin [Mon, 24 Jan 2011 17:12:29 +0000 (18:12 +0100)]
Bug 621108: [SECURITY] Creating/editing charts lacks CSRF protection
Frédéric Buclin [Mon, 24 Jan 2011 17:04:59 +0000 (18:04 +0100)]
Bug 621107: [SECURITY] Sanity checking lacks CSRF protection
Max Kanat-Alexander [Mon, 24 Jan 2011 04:11:03 +0000 (20:11 -0800)]
An optional module was accidentally listed in the "required" section of the
Max Kanat-Alexander [Mon, 24 Jan 2011 03:57:21 +0000 (19:57 -0800)]
Bug 627910: Update Release Notes for Bugzilla 4.0rc2
rojanu [Sun, 23 Jan 2011 12:06:51 +0000 (13:06 +0100)]
Bug 625741: Need a hook in update_fielddefs_definition to enable adding columns to fielddefs
timeless [Sat, 22 Jan 2011 21:22:59 +0000 (13:22 -0800)]
Bug 621128 - Remove trailing whitespace from '<div id="view_disabled" >'
rojanu [Sat, 22 Jan 2011 17:51:36 +0000 (18:51 +0100)]
Bug 624696: We need a template hook to add a description to parameters added by extensions
Frédéric Buclin [Sat, 22 Jan 2011 17:15:42 +0000 (18:15 +0100)]
Bug 621109: Column changing lacks CSRF protection
David Lawrence [Fri, 21 Jan 2011 21:41:53 +0000 (16:41 -0500)]
Bug 627854: Add 'form' hook to create-guided.html.tmpl similar to create.html.tmpl
Reed Loden [Fri, 21 Jan 2011 21:14:36 +0000 (13:14 -0800)]
Bug 591165: (CVE-2010-4411) [SECURITY] Bump minimum required version of CGI.pm to v3.51 in order to address header injection vulnerability.
Reed Loden [Fri, 21 Jan 2011 20:53:34 +0000 (12:53 -0800)]
Bug 627660 - Rename "Send" button on final create account page to "Create", as nothing is actually sent.
David Lawrence [Fri, 21 Jan 2011 06:35:50 +0000 (01:35 -0500)]
Bug 626292: "Make description private" checkbox should set bz_private class on the comment box
David Lawrence [Fri, 21 Jan 2011 05:06:40 +0000 (00:06 -0500)]
Bug 623608 - Add intro/outro extension hooks to footer.html.tmpl
David Lawrence [Fri, 21 Jan 2011 04:46:40 +0000 (23:46 -0500)]
Bug 626658 - Add (take) link to bug edit page to allow quick assigning to the current user
David Marshall [Sat, 15 Jan 2011 00:11:57 +0000 (01:11 +0100)]
Bug 625190: Typo and Missing FK in Bugzilla::DB::Schema
Frédéric Buclin [Sat, 15 Jan 2011 00:08:08 +0000 (01:08 +0100)]
Bug 623408: Message-ID is gone in bugmail for new bugs
Frédéric Buclin [Mon, 10 Jan 2011 23:05:53 +0000 (00:05 +0100)]
Bug 624349: Let the config_modify_panels hook add new parameters to existing panels
A. Shimono [Sun, 9 Jan 2011 14:24:48 +0000 (15:24 +0100)]
Bug 618841: Bare word "bug" in release notes
<Alex> [Sun, 9 Jan 2011 14:16:34 +0000 (15:16 +0100)]
Bug 622204: Bugzilla::Migrate crashes trying to create bugs with resolutions
rojanu [Fri, 7 Jan 2011 14:14:40 +0000 (15:14 +0100)]
Bug 558803: Add a parameter to specify the password complexity for new passwords
Frédéric Buclin [Fri, 7 Jan 2011 12:32:19 +0000 (13:32 +0100)]
Bug 255524: The duplicates table inherits no CSS classes when viewed in simple format
Gervase Markham [Fri, 7 Jan 2011 11:00:25 +0000 (11:00 +0000)]
Provide user objects to bugmail_recipients hook. r,a=mkanat.
David Lawrence [Fri, 7 Jan 2011 04:02:28 +0000 (23:02 -0500)]
Bug 621090 - [SECURITY] Adding saved searches lacks CSRF protection
Gervase Markham [Wed, 5 Jan 2011 16:58:05 +0000 (16:58 +0000)]
Document how to add user settings. r,a=mkanat.
Gervase Markham [Wed, 5 Jan 2011 11:48:49 +0000 (11:48 +0000)]
Allow extensions to add new Jobs. r,a=mkanat.
Gervase Markham [Wed, 5 Jan 2011 10:35:10 +0000 (10:35 +0000)]
Bug 622822 - add additional_links hook to front page. r,a=mkanat.
Max Kanat-Alexander [Tue, 4 Jan 2011 02:09:42 +0000 (18:09 -0800)]
Bug 595410: Make it faster to display a bug that has a lot of dependencies.
Tiago Mello [Sun, 2 Jan 2011 19:50:43 +0000 (17:50 -0200)]
Bug 622437: Remove 'colchange_columns' hook from the Example extension
David Lawrence [Thu, 30 Dec 2010 16:36:59 +0000 (11:36 -0500)]
Bug 622105 - Misspelling in setting_info_invalid error message
Max Kanat-Alexander [Tue, 28 Dec 2010 22:47:33 +0000 (14:47 -0800)]
Bug 621597: Make mod_perl.pl do the INC configuration itself, instead of
Frédéric Buclin [Tue, 28 Dec 2010 02:09:31 +0000 (03:09 +0100)]
Remove unused variable, per my review comment
A. Shimono (himorin) [Mon, 27 Dec 2010 22:36:28 +0000 (23:36 +0100)]
Bug 618844: Make clear that the Apache module must be enabled in release notes
A. Shimono (himorin) [Mon, 27 Dec 2010 22:29:06 +0000 (23:29 +0100)]
Bug 618842: Enclose checksetup.pl between <kbd> and </kbd> tags in templates
Max Kanat-Alexander [Mon, 27 Dec 2010 22:19:08 +0000 (14:19 -0800)]
Bug 599539: Update the mod_perl code for Apache2::SizeLimit 0.92
Max Kanat-Alexander [Mon, 27 Dec 2010 22:13:38 +0000 (14:13 -0800)]
Bug 615574: Make every search done by buglist.cgi create a list_id, so that
Christian Legnitto [Mon, 27 Dec 2010 22:00:07 +0000 (23:00 +0100)]
Bug 603762: Vertical margins between header, footer, and content are not consistent
timeless [Mon, 27 Dec 2010 21:49:36 +0000 (22:49 +0100)]
Bug 588013: Fix typo
Reed Loden [Thu, 23 Dec 2010 09:42:48 +0000 (03:42 -0600)]
Add contributor lines for mkanat and myself for the new BugUrl modules.
Max Kanat-Alexander [Tue, 21 Dec 2010 23:53:49 +0000 (15:53 -0800)]
Bug 620796: Make Bugzilla::Migrate skip abnormal fields when doing
Tiago Mello [Tue, 21 Dec 2010 12:30:45 +0000 (10:30 -0200)]
Bug 593539: Fix the bugs activity for the see_also field.
Tiago Mello [Mon, 20 Dec 2010 22:49:10 +0000 (20:49 -0200)]
Bug 593539: Refactor See Also to use separate modules for each type of URL
Reed Loden [Sat, 18 Dec 2010 08:40:24 +0000 (00:40 -0800)]
Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect against clickjacking.
Max Kanat-Alexander [Thu, 16 Dec 2010 19:26:19 +0000 (11:26 -0800)]
Remove some real configuration data that had crept into bzdbcopy.pl.
Max Kanat-Alexander [Thu, 16 Dec 2010 01:42:37 +0000 (17:42 -0800)]
Bug 619581: Make contrib/bzdbcopy.pl work again, and also make it work with
Max Kanat-Alexander [Wed, 15 Dec 2010 23:18:52 +0000 (15:18 -0800)]
Checkin fix for bug 619016: "DEFAULT TRUE" and "DEFAULT FALSE" were no longer
Frédéric Buclin [Wed, 15 Dec 2010 23:09:17 +0000 (00:09 +0100)]
Bug 313583: Remove long_list.cgi, showattachment.cgi and xml.cgi.
Max Kanat-Alexander [Wed, 15 Dec 2010 22:48:38 +0000 (14:48 -0800)]
Additional fix for bug 619016: The FK adding/removing code for SQLite didn't
Max Kanat-Alexander [Wed, 15 Dec 2010 22:13:11 +0000 (14:13 -0800)]
Bug 619016: Make SQLite installations able to alter an existing schema,
Max Kanat-Alexander [Wed, 15 Dec 2010 22:06:01 +0000 (14:06 -0800)]
Bug 619466: Make searching by work_time search the total time on the bug
Max Kanat-Alexander [Mon, 13 Dec 2010 20:54:20 +0000 (12:54 -0800)]
Bug 617477: Fix numerous consistency and behavior issues surroudning Bug.update
Max Kanat-Alexander [Sun, 12 Dec 2010 18:55:17 +0000 (10:55 -0800)]
Bug 618161: Make VERSION into a constant in two included extensions so that
Frank Becker [Fri, 10 Dec 2010 21:31:37 +0000 (13:31 -0800)]
Bug 610182: Support enabling UNCONFIRMED in all products when using
Frédéric Buclin [Wed, 8 Dec 2010 20:13:06 +0000 (21:13 +0100)]
Bug 617684: Values starting with a dot or an underscore are no longer hidden in reports
Frédéric Buclin [Wed, 8 Dec 2010 18:41:52 +0000 (19:41 +0100)]
Bug 617630: Improve get_names() in report.cgi
miketosh [Wed, 8 Dec 2010 15:29:46 +0000 (16:29 +0100)]
Bug 567953: Components which exist in several products are duplicated in tabular reports
Max Kanat-Alexander [Mon, 6 Dec 2010 18:59:23 +0000 (10:59 -0800)]
Bug 617030 - Add an error code for json_rpc_invalid_callback, and fix the
Frédéric Buclin [Mon, 6 Dec 2010 17:10:29 +0000 (18:10 +0100)]
Bug 542931: Bug in SOAP::Lite prevents WebService:XMLRPC logins from persisting
Max Kanat-Alexander [Mon, 6 Dec 2010 15:52:31 +0000 (07:52 -0800)]
Bug 607138: Don't send the Strict-Transport-Security header for the
Frédéric Buclin [Sat, 4 Dec 2010 01:22:49 +0000 (02:22 +0100)]
Bug 529974: Let users with local editcomponents privs manage flags for products they can administer
Guy Pyrzak [Fri, 3 Dec 2010 00:08:17 +0000 (16:08 -0800)]
Bug 607675: In Firefox, YAHOO.util.Event.addListener/on events no longer exist after a user clicks back
A. Shimono [Tue, 30 Nov 2010 17:43:06 +0000 (18:43 +0100)]
Fix typo
Frédéric Buclin [Sat, 27 Nov 2010 21:10:02 +0000 (22:10 +0100)]
Bug 416784: In PostgreSQL 8.1 and newer, createuser takes the argument -R instead of -A
Guy Pyrzak [Sun, 21 Nov 2010 13:19:10 +0000 (14:19 +0100)]
Bug 386600: Implement auto-completion for the requestee field
Max Kanat-Alexander [Mon, 15 Nov 2010 07:36:39 +0000 (23:36 -0800)]
Bug 611891: Don't generate cookies for logins done over GET via the WebService
Max Kanat-Alexander [Mon, 15 Nov 2010 07:28:13 +0000 (23:28 -0800)]
Bug 599552: Clean up mod_perl.pl, and make it use the same CGI.pm compile
Frank Becker [Sun, 14 Nov 2010 19:11:39 +0000 (20:11 +0100)]
Bug 610217: config.cgi?ctype=rdf should include product.allows_unconfirmed
Sam Morris [Sun, 14 Nov 2010 19:02:08 +0000 (20:02 +0100)]
Bug 611974: collectstats.pl --regenerate fails with PostgreSQL 8.4.x (sql_from_days() doesn't accept integers as argument)
Frédéric Buclin [Sun, 14 Nov 2010 18:52:55 +0000 (19:52 +0100)]
Bug 611979: Undefined subroutine &Bugzilla::Config::Advanced::check_multi when enabling strict_transport_security
Frédéric Buclin [Sat, 13 Nov 2010 00:06:32 +0000 (01:06 +0100)]
Bug 611623: The alias is not filtered in QuickSearch when passed to show_bug.cgi
Reed Loden [Thu, 11 Nov 2010 02:08:54 +0000 (18:08 -0800)]
Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of CGI.pm to v3.50 in order to address header injection vulnerability.
Guy Pyrzak [Wed, 10 Nov 2010 23:48:30 +0000 (00:48 +0100)]
Bug 591535: "Give me some help" link's iframe behavior is no longer necessary
Frédéric Buclin [Thu, 4 Nov 2010 17:09:30 +0000 (18:09 +0100)]
Bug 596611: Add a hook to email_in.pl
Frédéric Buclin [Thu, 4 Nov 2010 17:00:58 +0000 (18:00 +0100)]
Bug 485418: Code and template hooks for userprefs.cgi to be able to add additional tabs
Frédéric Buclin [Thu, 4 Nov 2010 16:52:29 +0000 (17:52 +0100)]
Bug 605573: List all available WebService methods at the top of the POD
projects / thirdparty / bugzilla.git / log
