]>
git.ipfire.org Git - thirdparty/bugzilla.git/log
David Lawrence [Thu, 1 May 2014 20:54:55 +0000 (20:54 +0000)]
Bug 995209 - Create a Build.PL script using Module::Build for testing/installing/packaging of Bugzilla code
Frédéric Buclin [Tue, 29 Apr 2014 17:06:34 +0000 (19:06 +0200)]
Bug
1001846 : When editing cc_accessible using Bug.update, the method should always return is_cc_accessible as being changed
r=dkl a=justdave
Frédéric Buclin [Fri, 25 Apr 2014 20:19:43 +0000 (22:19 +0200)]
Bug
1001497 : User.login incorrectly returns id = 0 when the login or password is missing
r=dkl a=justdave
David Lawrence [Mon, 21 Apr 2014 21:03:59 +0000 (21:03 +0000)]
Bumped version post-release
David Lawrence [Fri, 18 Apr 2014 22:13:17 +0000 (22:13 +0000)]
Bump version to 4.4.4
Frédéric Buclin [Fri, 18 Apr 2014 21:48:10 +0000 (23:48 +0200)]
Bug 998484: Release notes for Bugzilla 4.4.4
David Lawrence [Fri, 18 Apr 2014 21:06:10 +0000 (21:06 +0000)]
Bug 998323 - URLs pasted in comments are no longer displayed
David Lawrence [Thu, 17 Apr 2014 21:21:36 +0000 (21:21 +0000)]
Bumped version post-release
David Lawrence [Thu, 17 Apr 2014 17:10:38 +0000 (17:10 +0000)]
Bump version to 4.4.3
Manish Goregaokar [Thu, 17 Apr 2014 16:30:14 +0000 (18:30 +0200)]
Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla text
Frédéric Buclin [Thu, 17 Apr 2014 16:18:12 +0000 (18:18 +0200)]
Bug 713926: (CVE-2014-1517) [SECURITY] Login form lacks CSRF protection
Frédéric Buclin [Tue, 15 Apr 2014 21:51:38 +0000 (23:51 +0200)]
Bug 996164: Release notes for Bugzilla 4.4.3
Quannah Gibson-Mount [Tue, 15 Apr 2014 18:17:20 +0000 (14:17 -0400)]
Bug 925181: contrib/jb2bz.py was out of date
Simon Green [Tue, 15 Apr 2014 01:28:32 +0000 (11:28 +1000)]
Bug 995873 - Don't use replaceState if it would result in an invalid URL
Frédéric Buclin [Mon, 14 Apr 2014 19:39:40 +0000 (21:39 +0200)]
Bug 987205: Bugzilla crashes because it tries to import a non-exported login_token() subroutine from Bugzilla::Auth::Login::Cookie
David Lawrence [Fri, 14 Mar 2014 18:14:56 +0000 (18:14 +0000)]
Copied over .bzrignore to .gitignore
Matt Selsky [Tue, 4 Mar 2014 20:35:39 +0000 (20:35 +0000)]
Bug 365050 - removal notice doesn't use English correctly (lists: =and)
Matt Selsky [Tue, 4 Mar 2014 20:28:23 +0000 (20:28 +0000)]
Bug 365057 - messages.html.tmpl file bareword should be tagged in <code> or something
Frédéric Buclin [Fri, 28 Feb 2014 10:11:12 +0000 (11:11 +0100)]
Bug 863093: The usermatchmode parameter no longer exists. The POD for User.get must be fixed accordingly
Dave Miller [Thu, 27 Feb 2014 08:42:00 +0000 (09:42 +0100)]
Bug 893595: The pink colour of private comment will turn to white after refreshing the page
Dave Lawrence [Wed, 26 Feb 2014 16:33:43 +0000 (16:33 +0000)]
Bug 893195 - Allow token based authentication for webservices
Dave Lawrence [Tue, 25 Feb 2014 23:21:14 +0000 (23:21 +0000)]
Backout Bug 893195 - Allow token based authentication for webservices
Dave Lawrence [Tue, 25 Feb 2014 22:33:46 +0000 (22:33 +0000)]
Bug 893195 - Allow token based authentication for webservices
Dave Lawrence [Tue, 25 Feb 2014 21:42:06 +0000 (21:42 +0000)]
Bug 962060 - User.get ignores the "maxusermatches" parameter and allows listing all email addresses
Frédéric Buclin [Tue, 25 Feb 2014 20:37:32 +0000 (21:37 +0100)]
Bug 967883: modify_keywords() shouldn't throw an error when an unprivileged user doesn't alter the keywords list
Frédéric Buclin [Fri, 14 Feb 2014 23:29:15 +0000 (00:29 +0100)]
Bug 966676: The 'sudo' cookie should not be accessible from JavaScript
Byron Jones [Tue, 11 Feb 2014 05:03:47 +0000 (13:03 +0800)]
Bug 970184: "possible duplicates" shouldn't truncate words at the first non-word character
Frédéric Buclin [Mon, 10 Feb 2014 17:38:36 +0000 (18:38 +0100)]
Bug 926085: Forbird single quotes to delimit URLs (no <a href='...'>)
Byron Jones [Mon, 10 Feb 2014 08:06:15 +0000 (16:06 +0800)]
Bug 961789: large dependency trees with lots of resolved bugs are very slow to load
Gervase Markham [Fri, 7 Feb 2014 11:53:27 +0000 (11:53 +0000)]
Clarify "delete groups" warning for groups on products. r=LpSolit, a=justdave.
Dave Lawrence [Tue, 28 Jan 2014 00:24:34 +0000 (00:24 +0000)]
Bumped version post-release
Dave Lawrence [Mon, 27 Jan 2014 20:50:40 +0000 (20:50 +0000)]
Bump version to 4.4.2
Frédéric Buclin [Mon, 27 Jan 2014 18:16:49 +0000 (19:16 +0100)]
Bug 964113: Digest::SHA 5.82 and newer always croak on wide characters, preventing saved searched from being displayed
Frédéric Buclin [Sun, 26 Jan 2014 19:34:17 +0000 (20:34 +0100)]
Bug 947150: improve relnotes to mention that the 'version' module must now be installed
GavinS [Sat, 25 Jan 2014 14:37:16 +0000 (15:37 +0100)]
Bug 959732: The guided bug entry form lists components disabled for new bug reports
Frédéric Buclin [Fri, 24 Jan 2014 16:39:28 +0000 (17:39 +0100)]
Bug 947150: Release notes for Bugzilla 4.4.2
Frédéric Buclin [Wed, 8 Jan 2014 23:05:06 +0000 (00:05 +0100)]
Bug 360231: importxml.pl ignores the maxattachmentsize and maxlocalattachment parameters when importing attachments
Frédéric Buclin [Thu, 2 Jan 2014 23:04:03 +0000 (00:04 +0100)]
Bug 543432: [PostgreSQL] Crash when typing a string in combination with a numeric field
Frédéric Buclin [Thu, 2 Jan 2014 22:55:16 +0000 (23:55 +0100)]
Bug 895813: Mandatory custom fields whose visibility depends on a component are not required on bug creation
Simon Green [Thu, 2 Jan 2014 22:24:25 +0000 (08:24 +1000)]
Bug 946565 - Bug Mail does not correct notify when two people have made changes
Frédéric Buclin [Wed, 25 Dec 2013 08:59:34 +0000 (09:59 +0100)]
Bug 870369: An error about longdescs.comment_id is thrown by MySQL 5.1 and older when upgrading to 4.4 if sql_auto_is_null = 1
Frédéric Buclin [Sat, 21 Dec 2013 16:44:04 +0000 (17:44 +0100)]
Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using a non-cookie based authentication method
Frédéric Buclin [Tue, 17 Dec 2013 00:52:21 +0000 (01:52 +0100)]
Bug 905511: When creating a new bug, the version select field is not highlighted
Simon Green [Thu, 12 Dec 2013 12:14:20 +0000 (22:14 +1000)]
Bug 947766 - Poorly worded error message when attempting to attach a file that is too large
Frédéric Buclin [Thu, 5 Dec 2013 22:42:14 +0000 (23:42 +0100)]
Bug 942599: Documentation about possible_duplicates() lists 'products' as argument instead of 'product'
Simon Green [Mon, 2 Dec 2013 22:45:15 +0000 (08:45 +1000)]
Bug 944583 - sendunsentbugmail.pl has bad SQL
Frédéric Buclin [Mon, 2 Dec 2013 16:06:12 +0000 (17:06 +0100)]
Bug 938300: vers_cmp() incorrectly compares module versions
Frédéric Buclin [Thu, 14 Nov 2013 16:59:47 +0000 (17:59 +0100)]
Bug 938161: sql_date_format() method for SQLite has an incorrect default format
Frédéric Buclin [Wed, 13 Nov 2013 15:17:12 +0000 (16:17 +0100)]
Bug 843457: PROJECT environment variable is not honored when mod_perl is enabled
Simon Green [Wed, 13 Nov 2013 05:00:38 +0000 (15:00 +1000)]
Bug 937991 - Fix typo in Bugzilla::Component documentation
Simon Green [Fri, 8 Nov 2013 00:40:56 +0000 (10:40 +1000)]
Bug 916633 - join_activity_entries doesn't reconstitute text with commas correctly.
Frédéric Buclin [Mon, 4 Nov 2013 18:55:45 +0000 (19:55 +0100)]
Bug 926952: Possible race conditions when editing or deleting a milestone or a version
Frédéric Buclin [Thu, 24 Oct 2013 22:24:12 +0000 (00:24 +0200)]
Bug 928092: Add OS detection for Windows 8.1
Byron Jones [Thu, 24 Oct 2013 05:19:58 +0000 (13:19 +0800)]
Bug 930013: fall back to the bug's current delta_ts when validating a token if one is not provided to process_bug.cgi
Dave Lawrence [Thu, 17 Oct 2013 15:11:57 +0000 (11:11 -0400)]
Bump version post-release
Byron Jones [Thu, 17 Oct 2013 10:29:39 +0000 (12:29 +0200)]
Bug 927736: "invalid token" error if someone else changes the CC list while viewing a bug
Byron Jones [Thu, 17 Oct 2013 05:59:32 +0000 (13:59 +0800)]
Bug 927570: mid-air conflict fails to check all changed fields
Dave Lawrence [Wed, 16 Oct 2013 20:42:00 +0000 (16:42 -0400)]
Bump version to 4.4.1
Frédéric Buclin [Wed, 16 Oct 2013 17:25:24 +0000 (19:25 +0200)]
Bug 924932: (CVE-2013-1743) [SECURITY] Field values are not escaped correctly in tabular reports
Frédéric Buclin [Wed, 16 Oct 2013 17:17:39 +0000 (19:17 +0200)]
Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not sanitized when editing flag types if categoryAction-foo is set
Frédéric Buclin [Wed, 16 Oct 2013 17:05:29 +0000 (19:05 +0200)]
Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachments
Frédéric Buclin [Wed, 16 Oct 2013 16:59:10 +0000 (18:59 +0200)]
Bug 911593: (CVE-2013-1733) [SECURITY] CSRF in process_bug.cgi
Dave Lawrence [Wed, 16 Oct 2013 16:15:20 +0000 (12:15 -0400)]
Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing total entropy and allowing easier brute force
Dave Lawrence [Wed, 16 Oct 2013 16:07:05 +0000 (12:07 -0400)]
Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy and allowing easier brute force
Frédéric Buclin [Wed, 16 Oct 2013 15:12:41 +0000 (17:12 +0200)]
Bug 912641: Release notes for Bugzilla 4.4.1
Byron Jones [Tue, 15 Oct 2013 14:02:08 +0000 (22:02 +0800)]
Bug 917370: large dependency trees are very slow to load
Frédéric Buclin [Fri, 11 Oct 2013 21:43:51 +0000 (23:43 +0200)]
Fixes on checkin for bug 769134
Dave Lawrence [Mon, 30 Sep 2013 04:02:41 +0000 (00:02 -0400)]
Bug 864625 - Setting a non-privileged user as a requestee on a secure bug while ccing the same user to give access at the same
Frédéric Buclin [Sat, 28 Sep 2013 11:33:38 +0000 (13:33 +0200)]
Bug 891311: Text in the "My Requests" page is misleading about how the AND/OR radio button works
Frédéric Buclin [Fri, 27 Sep 2013 22:55:48 +0000 (00:55 +0200)]
Bug 851267: Bugzilla times out when a user has several thousands of votes
Frédéric Buclin [Thu, 26 Sep 2013 18:28:26 +0000 (20:28 +0200)]
Bug 920787: The "Flags:" label in bug reports is badly aligned
Simon Green [Thu, 26 Sep 2013 02:20:21 +0000 (12:20 +1000)]
Bug 893589 - 004template.t fails when templates in extension directory
Simon Green [Thu, 26 Sep 2013 02:14:09 +0000 (12:14 +1000)]
Bug 769134 - Bugzilla unintentionally removes groups when changing products with multiple bugs
Dirk Steinmetz [Wed, 25 Sep 2013 17:51:01 +0000 (19:51 +0200)]
Bug 455301: Don't show password box on userprefs.cgi if your auth method didn't use DB passwords
Frédéric Buclin [Tue, 24 Sep 2013 09:32:53 +0000 (11:32 +0200)]
Temporary fix for bug 916882: whitelist product and component when used with the changed* operators
Jiří Netolický [Mon, 23 Sep 2013 15:43:00 +0000 (17:43 +0200)]
Bug 919475: [Oracle] Crash when non-mandatory free text custom fields are left empty on bug creation
Byron Jones [Wed, 18 Sep 2013 08:03:16 +0000 (16:03 +0800)]
fix typo in comment
Byron Jones [Wed, 18 Sep 2013 07:59:44 +0000 (15:59 +0800)]
Bug 877545: quicksearch shouldn't treat apostrophes as quote characters
Frédéric Buclin [Mon, 16 Sep 2013 15:06:22 +0000 (17:06 +0200)]
Bug 785565: Search by change history between two dates doesn't give expected result
Frédéric Buclin [Thu, 12 Sep 2013 17:01:25 +0000 (19:01 +0200)]
Bug 911509: SOAP::Lite 1.0 no longer includes XMLRPC::Lite
Frédéric Buclin [Tue, 10 Sep 2013 21:11:16 +0000 (23:11 +0200)]
Bug 914262: KHTML-based browsers such as Konqueror do not support the Server-Push technology
Simon Green [Wed, 4 Sep 2013 00:41:38 +0000 (10:41 +1000)]
Bug 875217 - SecurityError in Javascript on buglist.cgi
Damien Nozay [Tue, 3 Sep 2013 09:51:28 +0000 (11:51 +0200)]
Bug 911513: 007util.t fails due to a missing dependency to DateTime
Mateusz Kuśmierczyk [Tue, 3 Sep 2013 09:42:20 +0000 (11:42 +0200)]
Bug 848063: [Oracle] importxml.pl fails with ORA-01830: comment timestamps are not correctly formatted
Christopher Trom [Mon, 26 Aug 2013 22:42:39 +0000 (08:42 +1000)]
Bug 908572 - Grammatical error in "Query Defaults" admin params
Sunil Joshi [Mon, 26 Aug 2013 22:36:31 +0000 (08:36 +1000)]
Bug 903337 - Do not display the CC list and the "Remove selected CCs" checkbox if the CC list is empty
Sunil Joshi [Mon, 26 Aug 2013 22:30:39 +0000 (08:30 +1000)]
Bug 601825 - "Linux Distributions" should link to the "Prerequisites" wiki page, not "Linux_Distro_Installation"
Sunil Joshi [Fri, 23 Aug 2013 13:40:42 +0000 (23:40 +1000)]
Bug 884705 - Bugzilla->user does not return undef
Sunil Joshi [Fri, 23 Aug 2013 13:29:46 +0000 (23:29 +1000)]
Bug 455016 - Documentation about "Boolean charts" talks about "equals" and so, while these choices have been renamed
Sunil Joshi [Thu, 22 Aug 2013 04:14:05 +0000 (14:14 +1000)]
Bug 252004 - Cannot change capitalisation of Keywords
Dave Lawrence [Mon, 19 Aug 2013 15:11:57 +0000 (11:11 -0400)]
Bug 905537 - Add support for iPod Touch in useragent strings for platform detection
Frédéric Buclin [Fri, 9 Aug 2013 09:28:28 +0000 (11:28 +0200)]
Bug 902515: Internet Explorer 11 receives multipart/x-mixed-replace content from buglist.cgi
Frédéric Buclin [Fri, 9 Aug 2013 09:23:39 +0000 (11:23 +0200)]
Bug 861582: Missing description in the "Bug Fields" page for "Importance"
Frédéric Buclin [Thu, 8 Aug 2013 19:58:19 +0000 (21:58 +0200)]
Bug 899586: Consecutive whitespaces in field values are ignored in <select> elements
Sunil Joshi [Wed, 7 Aug 2013 05:29:01 +0000 (15:29 +1000)]
Bug 901620 - Grammar error in the documentation
Sunil Joshi [Wed, 7 Aug 2013 05:21:20 +0000 (15:21 +1000)]
Bug 868330 - Password creation directions incomplete
Simon Green [Wed, 7 Aug 2013 05:16:56 +0000 (15:16 +1000)]
Bug 897264 - letters_numbers_specialchars password restriction is incorrect
Frédéric Buclin [Thu, 1 Aug 2013 01:25:18 +0000 (03:25 +0200)]
Bug 834290: Add support for iPads and iPhones in useragent strings
Frédéric Buclin [Thu, 1 Aug 2013 01:21:30 +0000 (03:21 +0200)]
Bug 781672: checksetup.pl fails to check the version of the latest Apache2::SizeLimit release (it throws "Invalid version format (non-numeric data)")
Byron Jones [Wed, 31 Jul 2013 13:45:55 +0000 (21:45 +0800)]
Bug 896330: patchreader should not set the "expires" header
projects / thirdparty / bugzilla.git / log
