]>
git.ipfire.org Git - thirdparty/bugzilla.git/log
Frédéric Buclin [Mon, 20 Aug 2012 09:02:24 +0000 (11:02 +0200)]
Bug 698068: The "There is no saved search named ..." page has a "forget" link
Frédéric Buclin [Wed, 15 Aug 2012 19:29:25 +0000 (21:29 +0200)]
Bug 771100: Unable to attach a file to a bug with perl 5.16
Frédéric Buclin [Sun, 12 Aug 2012 12:14:38 +0000 (14:14 +0200)]
Bug 781059 part 2: -moz-border-radius is obsolete and must be replaced by the standard border-radius CSS property
Frédéric Buclin [Wed, 8 Aug 2012 10:23:45 +0000 (12:23 +0200)]
Bug 781059: -moz-border-radius is obsolete and must be replaced by the standard border-radius CSS property
Reed Loden [Tue, 7 Aug 2012 15:54:26 +0000 (08:54 -0700)]
Bug 780883 - s/fieldAutoComp/keywordAutoComp/ (fallout from bad 4.2 commit in bug 764517)
SImon Green [Tue, 7 Aug 2012 04:59:38 +0000 (12:59 +0800)]
Bug 779709: Don't allow searching on changes to private attachments or comments
Frédéric Buclin [Mon, 6 Aug 2012 21:44:33 +0000 (23:44 +0200)]
Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized password reset e-mail request
Koosha Khajeh Moogahi [Fri, 3 Aug 2012 16:41:45 +0000 (12:41 -0400)]
Bug 682317 - Bug.create is incorrectly documented as ignoring invalid fields; it should say it produces an error
Frédéric Buclin [Fri, 3 Aug 2012 10:20:19 +0000 (12:20 +0200)]
Bug 780028: Oracle crashes if a column listed in ORDER BY appears twice in SELECT
Matt Selsky [Mon, 30 Jul 2012 20:52:38 +0000 (16:52 -0400)]
Bug 778226 - Add Mac OS 10.8 Mountain Lion detection
Dave Lawrence [Thu, 26 Jul 2012 22:46:12 +0000 (18:46 -0400)]
Bumped version post release
Dave Lawrence [Thu, 26 Jul 2012 21:32:35 +0000 (17:32 -0400)]
Bump version to 4.2.2
Frédéric Buclin [Thu, 26 Jul 2012 21:04:08 +0000 (23:04 +0200)]
Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information about restricted bugs
Markus Kolb [Thu, 26 Jul 2012 20:43:30 +0000 (16:43 -0400)]
Bug 774625 - describecomponents.cgi - product category listing is not sorted
Frédéric Buclin [Thu, 26 Jul 2012 15:14:07 +0000 (17:14 +0200)]
Bug 777555: Release notes for Bugzilla 4.2.2
Frédéric Buclin [Thu, 26 Jul 2012 01:31:07 +0000 (03:31 +0200)]
Backout bug 768573 to fix bustage
Koosha Khajeh Moogahi [Wed, 25 Jul 2012 21:41:02 +0000 (17:41 -0400)]
Bug 776103 - Syntax error in Bugzilla::User::Setting API doc
Frédéric Buclin [Tue, 24 Jul 2012 14:03:46 +0000 (16:03 +0200)]
Bug 753688: Classification doesn't work as z-axis on reports
Byron Jones [Tue, 24 Jul 2012 08:57:33 +0000 (16:57 +0800)]
Bug 764517: Don't automatically select the first keyword if the search string is empty
Matt Selsky [Sun, 1 Jul 2012 23:44:23 +0000 (01:44 +0200)]
Bug 553553 - We shouldn't be using terms.Bugzilla in the "please contribute" message.
Simon Green [Fri, 29 Jun 2012 04:50:32 +0000 (12:50 +0800)]
Bug 762783: Change dependent bugs to use POST when the url exceeds the url length limit
Frédéric Buclin [Wed, 27 Jun 2012 16:12:10 +0000 (18:12 +0200)]
Bug 768870: The "Un-forget the search" link has no token
Frédéric Buclin [Tue, 26 Jun 2012 18:51:46 +0000 (20:51 +0200)]
Bug 768573: Templates must INCLUDE bug/field.html.tmpl instead of PROCESS'ing it
A. Shimono [Wed, 20 Jun 2012 22:20:40 +0000 (00:20 +0200)]
Bug 762785: Attachments are attached to the wrong comment when created by email_in.pl
Koosha Khajeh Moogahi [Fri, 8 Jun 2012 22:16:16 +0000 (00:16 +0200)]
Bug 577014: [SINGLE|MULTIPLE]_SELECT custom fields with no new values, containing only the default value '---' and marked as mandatory, blocks the user to update/create a bug
Simon Green [Fri, 8 Jun 2012 07:01:10 +0000 (15:01 +0800)]
Bug 760075: Fix error thrown when an allwords search starts with or ends with a space
Frédéric Buclin [Thu, 7 Jun 2012 21:35:00 +0000 (23:35 +0200)]
Bug 761230: The server push page no longer displays all debug data
Reed Loden [Tue, 29 May 2012 15:23:18 +0000 (08:23 -0700)]
Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized setting of default search options
Reed Loden [Tue, 29 May 2012 14:52:31 +0000 (07:52 -0700)]
Bug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized use of "Set my default search back to the system default"
Reed Loden [Tue, 29 May 2012 14:45:06 +0000 (07:45 -0700)]
Bug 754561 - Escape HTML in keywords in the auto-complete form
Byron Jones [Mon, 28 May 2012 16:58:23 +0000 (00:58 +0800)]
Bug 756314: Fix dropping of unique matches when the "confirm page" page is display.
Koosha Khajeh Moogahi [Sun, 27 May 2012 23:36:39 +0000 (01:36 +0200)]
Bug 754981: Add a link pointing to the bug itself in HTML bugmails when only a comment is added
Byron Jones [Thu, 24 May 2012 06:17:50 +0000 (14:17 +0800)]
Bug 744691: Throw an error early when calling a method from a non-existent class
Frédéric Buclin [Mon, 21 May 2012 18:07:33 +0000 (20:07 +0200)]
Bug 754090: Bugzilla::FlagType::match() crashes when the group parameter is not a number
Simon Green [Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)]
Bug 752751: Perl modules that start with a protocol (eg HTTP::Header) are not escaped correctly in SAFE_URL_REGEXP
Håkan Jerning [Mon, 7 May 2012 19:09:42 +0000 (21:09 +0200)]
Bug 744338: jobqueue.pl won't work if not called from the bugzilla/ root directory
Byron Jones [Mon, 30 Apr 2012 06:41:43 +0000 (14:41 +0800)]
Bug 749074: Throw an error message instead of syntax error on invalid search type operators
Dave Lawrence [Wed, 18 Apr 2012 22:29:24 +0000 (15:29 -0700)]
Bumping the version post-release
Dave Lawrence [Wed, 18 Apr 2012 18:02:35 +0000 (11:02 -0700)]
Bump version to 4.2.1
Frédéric Buclin [Wed, 18 Apr 2012 17:00:42 +0000 (19:00 +0200)]
Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits attackers to access all bugs that the victim can see
Frédéric Buclin [Wed, 18 Apr 2012 16:47:02 +0000 (18:47 +0200)]
Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be bypassed by altering the X-FORWARDED-FOR header
Frédéric Buclin [Wed, 18 Apr 2012 14:49:57 +0000 (16:49 +0200)]
Bug 746547: SMALLSERIAL is of type INT2, not INT1
Frédéric Buclin [Tue, 17 Apr 2012 19:24:18 +0000 (21:24 +0200)]
Bug 741078: Update relnotes for 4.2.1
Frédéric Buclin [Tue, 17 Apr 2012 19:11:20 +0000 (21:11 +0200)]
Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions can control the way to throw errors
Frédéric Buclin [Tue, 17 Apr 2012 18:41:05 +0000 (20:41 +0200)]
Bug 745320: Shared queries do not work when tags are part of the query
Frédéric Buclin [Tue, 17 Apr 2012 00:15:59 +0000 (02:15 +0200)]
Bug 745080: Voting extension causes database deadlocks
Marc Schumann [Sat, 14 Apr 2012 22:02:17 +0000 (00:02 +0200)]
Comment toggling text is not localizable because it's in a .js file.
Marc Schumann [Sat, 14 Apr 2012 16:05:39 +0000 (18:05 +0200)]
Change columns: empty buttons when images turned off.
Frédéric Buclin [Fri, 13 Apr 2012 15:48:43 +0000 (17:48 +0200)]
Move doc of the admin_editusers_action hook at its right place
Frédéric Buclin [Thu, 12 Apr 2012 18:58:30 +0000 (20:58 +0200)]
Bug 741078: Release notes for Bugzilla 4.2.1
Frédéric Buclin [Thu, 12 Apr 2012 18:44:59 +0000 (20:44 +0200)]
Bug 737436: Relative dates do not work correctly with the deadline field
Dave Lawrence [Thu, 12 Apr 2012 18:00:11 +0000 (14:00 -0400)]
Bug 744823 - Deadline throws error when selected in change history field list in query.cgi when not in time tracking group
Frédéric Buclin [Thu, 12 Apr 2012 15:12:40 +0000 (17:12 +0200)]
Fix typo
Marc Schumann [Wed, 11 Apr 2012 19:50:54 +0000 (21:50 +0200)]
If you're not allowed to change status or resolution, their values are being displayed unlocalized.
Frédéric Buclin [Wed, 11 Apr 2012 15:23:59 +0000 (17:23 +0200)]
Bug 663377: Quicksearch using "status:" field doesn't work--it is defeated by the default status selection
Frédéric Buclin [Wed, 11 Apr 2012 15:04:04 +0000 (17:04 +0200)]
Bug 734997: The 'take' link for the assignee field doesn't work when usemenuforusers is turned on
rojanu [Tue, 10 Apr 2012 18:36:46 +0000 (20:36 +0200)]
Bug 743991: Need a new hook to update Bugzilla::Search::COLUMN_JOINS
Frédéric Buclin [Wed, 4 Apr 2012 18:02:50 +0000 (20:02 +0200)]
Bug 58179: End date not included in the Search By Change History section
Marc Schumann [Sat, 31 Mar 2012 12:56:53 +0000 (14:56 +0200)]
Search for start-of-time-interval in date fields is (partially?) broken.
Frédéric Buclin [Thu, 29 Mar 2012 22:27:12 +0000 (00:27 +0200)]
Fix bustage: Perl 5.8.x doesn't understand \g1 in regexp (must use \1 instead)
Frédéric Buclin [Thu, 29 Mar 2012 17:56:41 +0000 (19:56 +0200)]
Bug 554819: Quicksearch should be using Text::ParseWords instead of custom code in splitString
Tiago Mello [Wed, 28 Mar 2012 14:47:59 +0000 (09:47 -0500)]
Bug 735821: Fix broken HTML code in bugmail.html.tmpl.
Frédéric Buclin [Tue, 27 Mar 2012 22:32:52 +0000 (00:32 +0200)]
Bug 730984: A single whitespace in the Status Whiteboard field generates an invalid SQL query
Francisco Donalisio [Mon, 26 Mar 2012 21:10:18 +0000 (17:10 -0400)]
Bug 734471 - Need new hook edituser search template
Gervase Markham [Mon, 26 Mar 2012 11:11:16 +0000 (12:11 +0100)]
Add hooks for alternative login methods. r,a=LpSolit.
Matt Selsky [Thu, 22 Mar 2012 18:55:41 +0000 (19:55 +0100)]
Bug 733458: The "creator" argument is listed twice for the Bug.search WebService method
Frédéric Buclin [Sat, 17 Mar 2012 13:12:05 +0000 (14:12 +0100)]
Fix bustage: Bugzilla -> terms.Bugzilla
Frédéric Buclin [Sat, 17 Mar 2012 13:03:21 +0000 (14:03 +0100)]
Bug 736057: Add to the release notes that |FILTER url_quote| has been replaced by |FILTER uri|
Marc Schumann [Sat, 10 Mar 2012 16:07:30 +0000 (17:07 +0100)]
Tabular reports' column headers do not use display_value.
Frédéric Buclin [Sat, 10 Mar 2012 15:09:45 +0000 (16:09 +0100)]
Bug 730032: The documentation must mention bzr instead of cvs in the "Upgrading to New Releases" section
Frédéric Buclin [Sat, 10 Mar 2012 15:05:44 +0000 (16:05 +0100)]
Bug 731163: Search.pm can use undefined alias in ORDER BY clause
Dave Lawrence [Fri, 9 Mar 2012 20:11:57 +0000 (15:11 -0500)]
Fixed comma in documentation
Francisco Donalisio [Fri, 9 Mar 2012 20:10:17 +0000 (15:10 -0500)]
Bug 730794 - Need new hook edituser page
Frédéric Buclin [Tue, 6 Mar 2012 21:24:54 +0000 (22:24 +0100)]
Fix bustage
Frédéric Buclin [Tue, 6 Mar 2012 21:11:17 +0000 (22:11 +0100)]
Bug 545610: Correctly parse CGI parameters, especially when using mod_perl
Frédéric Buclin [Tue, 6 Mar 2012 21:05:20 +0000 (22:05 +0100)]
Bug 731323: Wrong URLs in the "Total" row at the bottom of tabular reports when JS is enabled and a user field is used for the vertical axis
Frédéric Buclin [Sat, 3 Mar 2012 15:00:27 +0000 (16:00 +0100)]
Bug 731586: Email notifications about status changes in blockers are incorrectly formatted
Emmanuel Seyman [Thu, 1 Mar 2012 22:52:38 +0000 (17:52 -0500)]
Bug 731725 - In the documentation license, the address of the FSF is incorrect
Byron Jones [Wed, 29 Feb 2012 04:51:35 +0000 (12:51 +0800)]
Bug 731219: Fix XMLRPC breakage when content-type contains a charset
Frédéric Buclin [Tue, 28 Feb 2012 22:28:17 +0000 (23:28 +0100)]
Bug 695514: Slow performance in field-events.js.tmpl on show_bug.cgi with large number of products
Frédéric Buclin [Tue, 28 Feb 2012 08:22:03 +0000 (09:22 +0100)]
Bug 731055: get_enterable_products() is very slow when a product has many components or versions
Frédéric Buclin [Mon, 27 Feb 2012 14:10:45 +0000 (15:10 +0100)]
Bug 730598: Running checksetup.pl twice deletes the DEFAULT value of the bug_see_also.class column
Matt Selsky [Sun, 26 Feb 2012 11:52:49 +0000 (12:52 +0100)]
Bug 714030: Add Mac OS 10.7 Lion detection
Matt Selsky [Sun, 26 Feb 2012 11:51:11 +0000 (12:51 +0100)]
Bug 714368: Add Windows 8 detection
Michal 'hramrach' Suchanek [Sat, 25 Feb 2012 14:19:07 +0000 (15:19 +0100)]
Bug 696352: Required fields have broken colors
Frédéric Buclin [Sat, 25 Feb 2012 14:08:23 +0000 (15:08 +0100)]
Bug 730552: HTML markup validation: unescaped "&" in CSV link on buglist.cgi
Dave Lawrence [Wed, 22 Feb 2012 20:32:45 +0000 (15:32 -0500)]
Updated docs for stable release
Dave Lawrence [Wed, 22 Feb 2012 15:46:48 +0000 (10:46 -0500)]
Bumped version number post-release
Dave Lawrence [Wed, 22 Feb 2012 15:42:43 +0000 (10:42 -0500)]
Bumped version to 4.2
Dave Lawrence [Wed, 22 Feb 2012 15:38:20 +0000 (10:38 -0500)]
Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl
Matt Selsky [Sun, 19 Feb 2012 23:26:01 +0000 (00:26 +0100)]
Bug 718283: Indentation and newlines in the "Descriptive text sent within whine message" are ignored in HTML whinemail
Frédéric Buclin [Thu, 16 Feb 2012 17:32:19 +0000 (18:32 +0100)]
Bug 723944: Plain-text only emails are mangled when they contain non-ASCII characters
Marc Schumann [Wed, 15 Feb 2012 17:52:57 +0000 (18:52 +0100)]
Test 1 fails if PERLLIB contains paths with whitespace.
Dave Lawrence [Wed, 15 Feb 2012 15:59:08 +0000 (10:59 -0500)]
Bug 724464 - JSON-RPC support shouldn't require SOAP::Lite
Frédéric Buclin [Wed, 15 Feb 2012 15:26:34 +0000 (16:26 +0100)]
Bug 722113: The profile_search table has a wrong index name
Frédéric Buclin [Tue, 14 Feb 2012 22:02:15 +0000 (23:02 +0100)]
Bug 727240: The POD for Bug.attachments is wrong about the format of the returned data
Frédéric Buclin [Wed, 8 Feb 2012 15:51:48 +0000 (16:51 +0100)]
Bug 722161: Clickjacking is possible in "View All" with HTML attachments
Dave Lawrence [Tue, 31 Jan 2012 23:51:03 +0000 (18:51 -0500)]
Bump the version number post-release
Dave Lawrence [Tue, 31 Jan 2012 16:50:42 +0000 (11:50 -0500)]
Bumped to version 4.2rc2
Frédéric Buclin [Tue, 31 Jan 2012 16:01:20 +0000 (17:01 +0100)]
(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required)
projects / thirdparty / bugzilla.git / log
