]>
git.ipfire.org Git - thirdparty/bugzilla.git/log
Frédéric Buclin [Sat, 17 Mar 2012 13:03:21 +0000 (14:03 +0100)]
Bug 736057: Add to the release notes that |FILTER url_quote| has been replaced by |FILTER uri|
Marc Schumann [Sat, 10 Mar 2012 16:07:30 +0000 (17:07 +0100)]
Tabular reports' column headers do not use display_value.
Frédéric Buclin [Sat, 10 Mar 2012 15:09:45 +0000 (16:09 +0100)]
Bug 730032: The documentation must mention bzr instead of cvs in the "Upgrading to New Releases" section
Frédéric Buclin [Sat, 10 Mar 2012 15:05:44 +0000 (16:05 +0100)]
Bug 731163: Search.pm can use undefined alias in ORDER BY clause
Dave Lawrence [Fri, 9 Mar 2012 20:11:57 +0000 (15:11 -0500)]
Fixed comma in documentation
Francisco Donalisio [Fri, 9 Mar 2012 20:10:17 +0000 (15:10 -0500)]
Bug 730794 - Need new hook edituser page
Frédéric Buclin [Tue, 6 Mar 2012 21:24:54 +0000 (22:24 +0100)]
Fix bustage
Frédéric Buclin [Tue, 6 Mar 2012 21:11:17 +0000 (22:11 +0100)]
Bug 545610: Correctly parse CGI parameters, especially when using mod_perl
Frédéric Buclin [Tue, 6 Mar 2012 21:05:20 +0000 (22:05 +0100)]
Bug 731323: Wrong URLs in the "Total" row at the bottom of tabular reports when JS is enabled and a user field is used for the vertical axis
Frédéric Buclin [Sat, 3 Mar 2012 15:00:27 +0000 (16:00 +0100)]
Bug 731586: Email notifications about status changes in blockers are incorrectly formatted
Emmanuel Seyman [Thu, 1 Mar 2012 22:52:38 +0000 (17:52 -0500)]
Bug 731725 - In the documentation license, the address of the FSF is incorrect
Byron Jones [Wed, 29 Feb 2012 04:51:35 +0000 (12:51 +0800)]
Bug 731219: Fix XMLRPC breakage when content-type contains a charset
Frédéric Buclin [Tue, 28 Feb 2012 22:28:17 +0000 (23:28 +0100)]
Bug 695514: Slow performance in field-events.js.tmpl on show_bug.cgi with large number of products
Frédéric Buclin [Tue, 28 Feb 2012 08:22:03 +0000 (09:22 +0100)]
Bug 731055: get_enterable_products() is very slow when a product has many components or versions
Frédéric Buclin [Mon, 27 Feb 2012 14:10:45 +0000 (15:10 +0100)]
Bug 730598: Running checksetup.pl twice deletes the DEFAULT value of the bug_see_also.class column
Matt Selsky [Sun, 26 Feb 2012 11:52:49 +0000 (12:52 +0100)]
Bug 714030: Add Mac OS 10.7 Lion detection
Matt Selsky [Sun, 26 Feb 2012 11:51:11 +0000 (12:51 +0100)]
Bug 714368: Add Windows 8 detection
Michal 'hramrach' Suchanek [Sat, 25 Feb 2012 14:19:07 +0000 (15:19 +0100)]
Bug 696352: Required fields have broken colors
Frédéric Buclin [Sat, 25 Feb 2012 14:08:23 +0000 (15:08 +0100)]
Bug 730552: HTML markup validation: unescaped "&" in CSV link on buglist.cgi
Dave Lawrence [Wed, 22 Feb 2012 20:32:45 +0000 (15:32 -0500)]
Updated docs for stable release
Dave Lawrence [Wed, 22 Feb 2012 15:46:48 +0000 (10:46 -0500)]
Bumped version number post-release
Dave Lawrence [Wed, 22 Feb 2012 15:42:43 +0000 (10:42 -0500)]
Bumped version to 4.2
Dave Lawrence [Wed, 22 Feb 2012 15:38:20 +0000 (10:38 -0500)]
Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl
Matt Selsky [Sun, 19 Feb 2012 23:26:01 +0000 (00:26 +0100)]
Bug 718283: Indentation and newlines in the "Descriptive text sent within whine message" are ignored in HTML whinemail
Frédéric Buclin [Thu, 16 Feb 2012 17:32:19 +0000 (18:32 +0100)]
Bug 723944: Plain-text only emails are mangled when they contain non-ASCII characters
Marc Schumann [Wed, 15 Feb 2012 17:52:57 +0000 (18:52 +0100)]
Test 1 fails if PERLLIB contains paths with whitespace.
Dave Lawrence [Wed, 15 Feb 2012 15:59:08 +0000 (10:59 -0500)]
Bug 724464 - JSON-RPC support shouldn't require SOAP::Lite
Frédéric Buclin [Wed, 15 Feb 2012 15:26:34 +0000 (16:26 +0100)]
Bug 722113: The profile_search table has a wrong index name
Frédéric Buclin [Tue, 14 Feb 2012 22:02:15 +0000 (23:02 +0100)]
Bug 727240: The POD for Bug.attachments is wrong about the format of the returned data
Frédéric Buclin [Wed, 8 Feb 2012 15:51:48 +0000 (16:51 +0100)]
Bug 722161: Clickjacking is possible in "View All" with HTML attachments
Dave Lawrence [Tue, 31 Jan 2012 23:51:03 +0000 (18:51 -0500)]
Bump the version number post-release
Dave Lawrence [Tue, 31 Jan 2012 16:50:42 +0000 (11:50 -0500)]
Bumped to version 4.2rc2
Frédéric Buclin [Tue, 31 Jan 2012 16:01:20 +0000 (17:01 +0100)]
(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required)
Frédéric Buclin [Tue, 31 Jan 2012 15:39:50 +0000 (16:39 +0100)]
Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email addresses, which could allow an attacker to be CC'ed to private bugs by accident
Frédéric Buclin [Tue, 31 Jan 2012 12:04:49 +0000 (13:04 +0100)]
Bug 714446: Product.create default behavior is broken and inconsistent with POD
Dave Lawrence [Fri, 27 Jan 2012 22:07:47 +0000 (17:07 -0500)]
Bug 720756 - Update release notes for Bugzilla 4.2rc2
Frédéric Buclin [Fri, 27 Jan 2012 21:28:45 +0000 (22:28 +0100)]
Bug 721715: URLs in the See Also field must be detainted before inserted into the DB
Tiago Mello [Thu, 26 Jan 2012 00:47:17 +0000 (22:47 -0200)]
Fix bustage due to bug 715514.
Simon Green [Wed, 25 Jan 2012 20:14:08 +0000 (18:14 -0200)]
Bug 717217: The regexp in Bugzilla::BugUrl::JIRA::should_handle() isn't
Matt Selsky [Wed, 25 Jan 2012 20:06:17 +0000 (18:06 -0200)]
Bug 715514: Fix showdependencytree misleading in "hide resolved" view
Frédéric Buclin [Tue, 24 Jan 2012 22:21:43 +0000 (23:21 +0100)]
Bug 718183: Rename duplicated series names before inserting the new index in the series table
Frédéric Buclin [Tue, 24 Jan 2012 17:41:55 +0000 (18:41 +0100)]
Bug 715870: [Oracle] Related sequences and triggers must be removed when dropping a table
Max Kanat-Alexander [Tue, 24 Jan 2012 17:09:59 +0000 (18:09 +0100)]
Bug 633061: Require Apache2::SizeLimit 0.96 for proper operation on Linux
Matt Selsky [Sat, 21 Jan 2012 11:04:42 +0000 (12:04 +0100)]
Bug 469068: SMTP parameters not documented
Tiago Mello [Wed, 18 Jan 2012 21:32:46 +0000 (19:32 -0200)]
Bug 718905: Move user_preferences hook up, before other actions in userprefs.cgi
Dave Lawrence [Thu, 12 Jan 2012 22:16:46 +0000 (17:16 -0500)]
Bug 715731 - profile_search.user_id should have a FK pointing to profiles.userid
Simon Green [Wed, 11 Jan 2012 23:13:05 +0000 (00:13 +0100)]
Bug 717215: Remove references to url_quote filter
Frédéric Buclin [Wed, 11 Jan 2012 23:08:11 +0000 (00:08 +0100)]
Bug 715902: Do not log personal common activities in audit_log
Simon Green [Wed, 11 Jan 2012 20:13:42 +0000 (21:13 +0100)]
Bug 717210: If all attachments are stored locally (maxattachmentsize = 0, maxlocalattachment > 0), the link to attach files to bugs is not displayed
A. Shimono [Wed, 11 Jan 2012 12:21:58 +0000 (13:21 +0100)]
Bug 591638: In the admin page, the link to edit field values is named 'Field Values', not 'Legal Values'
Dave Lawrence [Wed, 11 Jan 2012 05:38:13 +0000 (00:38 -0500)]
Bug 715650 - User auto-completion does not work in request.cgi for requester and requestee as expected
Frédéric Buclin [Tue, 10 Jan 2012 23:00:53 +0000 (00:00 +0100)]
Bug 716227: When checksetup.pl tells the admin that he should edit variables in localconfig, the message should be red
Frédéric Buclin [Mon, 9 Jan 2012 23:53:33 +0000 (00:53 +0100)]
Bug 716283: Clickjacking in the attachment "Details" page allows to bypass token checks
Frédéric Buclin [Fri, 6 Jan 2012 18:12:19 +0000 (19:12 +0100)]
Bug 706753 about JSON::RPC 1.01 is now fixed
Matt Selsky [Fri, 6 Jan 2012 10:55:36 +0000 (11:55 +0100)]
Bug 695294: The See Also field is not visible in "Format for Printing"
Matt Selsky [Fri, 6 Jan 2012 10:01:08 +0000 (11:01 +0100)]
Bug 319684: The documentation is unclear about how to disable quips
Matt Selsky [Fri, 6 Jan 2012 09:47:23 +0000 (10:47 +0100)]
Bug 641957: The documentation should mention that the voting system is now an extension
Frédéric Buclin [Fri, 6 Jan 2012 09:32:11 +0000 (10:32 +0100)]
Bug 715705: User auto-completion doesn't work for watched users in the email prefs tab
Frédéric Buclin [Thu, 5 Jan 2012 23:58:18 +0000 (00:58 +0100)]
Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when displayed to the user
Frédéric Buclin [Thu, 5 Jan 2012 00:44:40 +0000 (01:44 +0100)]
Bug 706753: Bugzilla will not work with newest version of JSON::RPC 1.01 due to non-backward compatibility
Dave Lawrence [Thu, 29 Dec 2011 17:59:37 +0000 (12:59 -0500)]
Bump the version number post-release
Dave Lawrence [Wed, 28 Dec 2011 23:15:03 +0000 (18:15 -0500)]
Bump version for 4.2rc1
Frédéric Buclin [Wed, 28 Dec 2011 22:15:49 +0000 (23:15 +0100)]
Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
Byron Jones [Wed, 28 Dec 2011 22:03:56 +0000 (17:03 -0500)]
Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or tabular and graphical reports in debug mode
Frédéric Buclin [Wed, 28 Dec 2011 20:57:35 +0000 (21:57 +0100)]
user_autocompletion -> ajax_user_autocompletion
Frédéric Buclin [Wed, 28 Dec 2011 20:20:04 +0000 (21:20 +0100)]
Bug 713346: Release notes for Bugzilla 4.2rc1
Frédéric Buclin [Wed, 28 Dec 2011 11:09:29 +0000 (12:09 +0100)]
Bug 713144: The SQL query to remove older searches from the profile_search table should be more robust
Frédéric Buclin [Mon, 26 Dec 2011 10:34:25 +0000 (11:34 +0100)]
Bug 683644: Foreign keys aren't renamed correctly when DB tables are renamed
Frédéric Buclin [Mon, 19 Dec 2011 18:54:21 +0000 (19:54 +0100)]
Bug 711925: Update from 4.0 or older to 4.2 or trunk fails when bug_see_also field is populated
Frédéric Buclin [Sat, 17 Dec 2011 12:53:10 +0000 (13:53 +0100)]
Fix bustage due to bug 705474
Dave Lawrence [Fri, 16 Dec 2011 20:43:21 +0000 (15:43 -0500)]
Last Comment Bug 685611 - delta_ts is updated even when no changes are made to bugs created via WebServices
Frédéric Buclin [Thu, 15 Dec 2011 15:17:29 +0000 (16:17 +0100)]
Bug 707428: Custom field values whose visibility depends on another field value do not remain selected after editing a bug
Reed Loden [Tue, 13 Dec 2011 22:30:07 +0000 (14:30 -0800)]
Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible unauthorized account creation e-mail request
Frédéric Buclin [Thu, 8 Dec 2011 23:19:07 +0000 (00:19 +0100)]
Bug 644281: When the sort order of a buglist is modified, the "Show next bug in my list" user pref still uses the original sort order to decide which bug to display next
Frédéric Buclin [Thu, 8 Dec 2011 22:44:35 +0000 (23:44 +0100)]
Bug 707170: Several features about custom fields are missing in the documentation
Frédéric Buclin [Tue, 6 Dec 2011 11:59:28 +0000 (12:59 +0100)]
Bug 657290: Bug.add_attachment() stores truncated timestamps in the DB (seconds are missing)
Matt Selsky [Mon, 5 Dec 2011 21:25:49 +0000 (22:25 +0100)]
Bug 692354: Incorrect parameter type in WebServices documentation for Bug.add_comment
Albert Ting [Mon, 5 Dec 2011 19:30:41 +0000 (20:30 +0100)]
Bug 422256: email_in.pl should send an email if user matching fails or returns too many results
Matt Selsky [Mon, 5 Dec 2011 18:58:12 +0000 (19:58 +0100)]
Bug 577854: URL field header caption does not link to field value description (confusingly links to actual URL)
Frédéric Buclin [Mon, 5 Dec 2011 17:51:18 +0000 (18:51 +0100)]
Forgot to fix all occurences of $cache->{search_columns}->{$user->id}, see bug 550299
Frédéric Buclin [Mon, 5 Dec 2011 17:26:32 +0000 (18:26 +0100)]
Bug 550299: User fields are left blank in buglists and whines when local user accounts are used (i.e. they have no @company.com suffix)
Byron Jones [Mon, 5 Dec 2011 16:42:00 +0000 (00:42 +0800)]
Bug 707594: Fix broken account lockout notifications
Frédéric Buclin [Mon, 5 Dec 2011 16:14:29 +0000 (17:14 +0100)]
Bug 701350: Oracle crashes if the 'maxattachmentsize' parameter is set to a too small value
Frédéric Buclin [Fri, 2 Dec 2011 16:35:08 +0000 (17:35 +0100)]
Bug 591610: Custom field doc doesn't include 'Bug ID' type
Frédéric Buclin [Fri, 2 Dec 2011 16:29:56 +0000 (17:29 +0100)]
Bug 591636: "is mandatory" is not documented in the Custom Fields section
Marc Schumann [Tue, 29 Nov 2011 21:17:34 +0000 (22:17 +0100)]
Bug 692737 - Main page icons are not centered.
Tiago Mello [Tue, 29 Nov 2011 20:02:39 +0000 (18:02 -0200)]
Bug 686971: Fix add_see_also to ignore empty values
Byron Jones [Tue, 29 Nov 2011 18:36:42 +0000 (02:36 +0800)]
Bug 686422: Fix custom search's history interaction on HTML4 browsers
Tiago Mello [Mon, 28 Nov 2011 22:52:14 +0000 (23:52 +0100)]
Bug 687725: Adding a local bug ID in the See Also field isn't logged in the bug history of that bug
Frédéric Buclin [Mon, 28 Nov 2011 16:10:07 +0000 (17:10 +0100)]
Bug 705393: Improve the error message thrown by Update.pm when updates.bugzilla.org is unavailable
Frédéric Buclin [Sun, 27 Nov 2011 23:25:02 +0000 (00:25 +0100)]
Redirect the error to STDERR if a query cannot be run, see bug 277073
Frédéric Buclin [Sat, 26 Nov 2011 13:18:04 +0000 (14:18 +0100)]
Bug 368250: collectstats.pl creates files with wrong ownership
Frédéric Buclin [Sat, 26 Nov 2011 00:13:18 +0000 (01:13 +0100)]
Bug 255606: Do not let buglist.cgi return all bugs by default
Frédéric Buclin [Tue, 22 Nov 2011 21:06:00 +0000 (22:06 +0100)]
Bug 703975: CSRF vulnerability in post_bug.cgi allows possible unauthorized bug creation
Reed Loden [Mon, 21 Nov 2011 22:08:54 +0000 (14:08 -0800)]
Bug 703983 - CSRF vulnerability in attachment.cgi allows possible unauthorized attachment creation
Frédéric Buclin [Sat, 19 Nov 2011 00:11:00 +0000 (01:11 +0100)]
cancelled -> canceled
Frédéric Buclin [Sat, 19 Nov 2011 00:00:50 +0000 (01:00 +0100)]
Bug 703788: Improve performance of diff_arrays() with large arrays
Tiago Mello [Fri, 18 Nov 2011 17:52:49 +0000 (15:52 -0200)]
Fix bustage due to bug 643411.
Tiago Mello [Fri, 18 Nov 2011 17:35:55 +0000 (15:35 -0200)]
Bug 643411: New default bug limit makes time summary results confusing
Gervase Markham [Fri, 18 Nov 2011 10:15:43 +0000 (10:15 +0000)]
Make Login/Stack.pm refuse to continue down the stack if an Auth method returns an explicit failure. r=dkl, a=mkanat.
projects / thirdparty / bugzilla.git / log
