Fix for bug 227213: Chomping murder in token emails and pages. Fix
chomping issues, a spurious in an email template, and minor
rewordings to make the text prettier -- oh, I realize this isn't Chaucer
yet, but who knows? r=jouni, a=justdave.
Fix for bug 226982: Move password change code into Bugzilla::Auth (part
1). Factored code out from Bugzilla::Auth::DB->authenticate() into
separate methods so we can use them externally. Add extra API to DB.pm,
which is currently used only internally (pending part 2). r=bbaetz, a=justdave
Bug 226673: Eliminate some warnings in checksetup.pl for "blah::Version used only once" and make sure errors don't get wrapped in CGI:Carp's HTML wrapper.
r=bbaetz, a=justdave
Bug 226932: flag request email sends ' ' in subject. Remove
entities that were introduced by the fix for bug 13540. Patch by Stephen
Reindl <sr@stephenreindl.de>, r=kiko, a=justdave
Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide a
logout() method that is proxied through Bugzilla.pm's logout(), and fix
callers to use it. r=justdave, bbaetz, a=justdave
Bug 226229: Query.cgi HTML Transitional 4.01 validation fails for
query.cgi. Fixes outstanding validation issues. patch by Anthony
Christofides, r=kiko, a=justdave
Bug 226119: The template admin/add-group.html.tmpl moved to admin/groups/create.html.tmpl to better match with admin template naming consensus discussed in reviewers@.
r=myk, a=justdave
gerv%gerv.net [Sun, 9 Nov 2003 02:51:07 +0000 (02:51 +0000)]
Bug 225081 - Tests are failing due to checkin for bug 223913. Sorry about that - it worked on my machine, but not any machine without the excluded template. Doh. Patch by gerv; r,a=mozbot.
gerv%gerv.net [Sun, 9 Nov 2003 02:04:36 +0000 (02:04 +0000)]
Bug 195530 - Make javascript version of buglists available, part 2. This is a security fix to prevent remote sites being able to see sensitive bug data. Patch by gerv; r=justdave, r=myk, a=justdave.
Bug 155119: reassigning bugs to a product with no components gives 'browser' error; patch by Chuck Duvall <caduvall@glue.umd.edu>; r=bbaetz; a=justdave.
[SECURITY] Bug 219044: A user with 'editkeywords' privileges (i.e. usually an administrator) can inject arbitrary SQL via the URL used to edit an existing keyword.
Patch by Joel Peshkin <bugreport@peshkin.net>
r= justdave, zach a= justdave
[SECURITY] Bug 209742: Under some circumstances, a user can obtain component descriptions for a product to which he does not normally have access.
Patch by Ryan Cleary <tryanc@interdimensions.com>
r= joel, bbaetz a= justdave
[SECURITY] Bug 209376: If you know the email address of someone who has voted on a secure bug, you can access the summary of that bug even if you do not have sufficient permissions to view the bug itself.
Patch by Gervase Markham <gerv@mozilla.org>
r= justdave, bbaetz a= justdave
Bug 111522: Provide ability to specify MIME type of attachment when downloading - correction of url parameter name to avoid usage conflicts with other parts of Bugzilla
Patch by Alex Vincent <ajvincent@juno.com>
r= justdave, a= justdave
Fix for Bug 220724: Provide standalone bug submission program. Includes
a python script that submits bugs to a specified Bugzilla instance.
README, docs and an example bug are included. Work done by Eric Raymond
<esr@thyrsus.com> and myself. a=justdave
Fix for bug 221039: Separating knob in edit.html.tmpl. Splits
bug/edit.html.tmpl into bug/knob.html.tmpl. Patch by Ludovic Dubost
<ludovic@pobox.com>, r=kiko, a=justdave.
Fix for bug 111522: Provide ability to specify MIME type of attachment
when downloading. Adds a 'ctype' argument to attachment.cgi which allows
one to override the content-type when viewing an attachment. Original
patch by Alex Vincent <ajvincent@juno.com>; I changed it a tiny bit.
r=kiko, myk. a=justdave.
Bug 201294: showdependencygraph.cgi now uses the global IsOpenedState() sub instead of its own list of which states are open. This makes one less place to customize when sites change their statuses, and also includes UNCONFIRMED (which never got added when UNCONFIRMED was created).
r= gerv, a= justdave
Bug 221977: Insecure dependency in require while running with -T switch at Bugzilla/Auth.pm; patch by Dave Miller (justdave@bugzilla.org); r=gerv; a=justdave.
Bug 108528: knob is not a defined error message and it does not help a user find the error; patch by chaduv (caduvall@glue.umd.edu); r=justdave; a=justdave.
Bug 222566: Fixing wording on enter_bug.cgi when using the create-guided template; patch by Gervase Markham (gerv@mozilla.org); r=justdave; a=justdave.
Fix for bug 221391: Bugzilla Quickstart guide could exist. Provide a
QUICKSTART file, and alter README slightly to point to it. r=gerv,
justdave, a=justdave.
Fix for bug 220183: post_bug.cgi could allow setting the
status_whiteboard attribute. Added "status_whiteboard" to parsed
attribute list. r=gerv, a=justdave
Bug 65316: Typos on edit*.cgi. Change use of PutTrailer() (and the
default output, in certain cases) in the edit pages. Patch by Vlad
Dascalu <jocuri@softhome.net>, r=kiko, a=justdave
Bug 152748: Make lack of sidebar support suggest Mozilla instead of Netscape as an upgrade.
Patch by Vlad Dascalu <jocuri@softhome.net>
r= gerv, a= justdave
Bug 177449: When changing email address, old email address confirmation was case sensitive
patch by Vlad Dascalu <jocuri@softhome.net>
r= kiko, a= justdave
Bug 219216: Javascript improperly using FILTER html instead of FILTER js causing data with @ produced by javascript to show up as @
r=timeless, a=justdave
projects / thirdparty / bugzilla.git / log
