Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
214,877 Commits 3,986 Branches 0 Tags
Commit Graph

2353 Commits

Author SHA1 Message Date
bzrmirror%bugzilla.org
fe0c9d81ad Bump version to 4.0.15 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265607 18797224-902f-48f8-a5cc-f745e15eee43
 2014-10-06 15:30:46 +00:00
bzrmirror%bugzilla.org
597e26f3e9 Bug 1054702: CSV export vulnerable to formulae injection 
r=glob,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265605 18797224-902f-48f8-a5cc-f745e15eee43
 2014-10-06 15:01:28 +00:00
bzrmirror%bugzilla.org
802209aef9 Bug 1064140: [SECURITY] Private comments can be shown to flagmail recipients who aren't in the insider group 
r=glob,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265603 18797224-902f-48f8-a5cc-f745e15eee43
 2014-10-06 14:48:02 +00:00
bzrmirror%bugzilla.org
3e500ddd23 Bug 1075578: [SECURITY] Improper filtering of CGI arguments 
r=dkl,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265600 18797224-902f-48f8-a5cc-f745e15eee43
 2014-10-06 14:31:49 +00:00
bzrmirror%bugzilla.org
4b79017161 Bump version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265477 18797224-902f-48f8-a5cc-f745e15eee43
 2014-07-24 21:46:37 +00:00
bzrmirror%bugzilla.org
c5ff5462cf Bump version to 4.0.14 (corrected) 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265473 18797224-902f-48f8-a5cc-f745e15eee43
 2014-07-24 17:31:23 +00:00
bzrmirror%bugzilla.org
13bf215d31 Bug 1036213 - (CVE-2014-1546) add '/**/' before jsonrpc.cgi callback to avoid swf content type sniff vulnerability 
r=glob,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265472 18797224-902f-48f8-a5cc-f745e15eee43
 2014-07-24 17:30:45 +00:00
bzrmirror%bugzilla.org
386c4c75e3 Bump version to 4.0.14 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265471 18797224-902f-48f8-a5cc-f745e15eee43
 2014-07-24 17:01:23 +00:00
bzrmirror%bugzilla.org
bbf036b736 Bumped version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265353 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-21 21:16:24 +00:00
bzrmirror%bugzilla.org
db1539167c Bump version to 4.0.13 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265349 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-18 22:16:37 +00:00
bzrmirror%bugzilla.org
b7342cb5f3 Bug 998323 - URLs pasted in comments are no longer displayed 
r=LpSolit,a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265344 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-18 21:15:39 +00:00
bzrmirror%bugzilla.org
08a529eda4 Bumped version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265339 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-17 21:31:33 +00:00
bzrmirror%bugzilla.org
b309930596 Bumped version to 4.0.12 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265337 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-17 17:46:24 +00:00
bzrmirror%bugzilla.org
1fa2629eb3 Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla text 
r=glob a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265335 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-17 17:01:18 +00:00
bzrmirror%bugzilla.org
02d012ed6a Fix POD to make tests happy 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265334 18797224-902f-48f8-a5cc-f745e15eee43
 2014-04-17 17:00:41 +00:00
bzrmirror%bugzilla.org
3c049c8b28 Bug 942599: Documentation about possible_duplicates() lists 'products' as argument instead of 'product' 
r=dkl a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265135 18797224-902f-48f8-a5cc-f745e15eee43
 2013-12-05 22:46:42 +00:00
bzrmirror%bugzilla.org
be81ebe143 Bump version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265068 18797224-902f-48f8-a5cc-f745e15eee43
 2013-10-17 15:21:03 +00:00
bzrmirror%bugzilla.org
70d1c471c4 Bump version to 4.0.11 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265063 18797224-902f-48f8-a5cc-f745e15eee43
 2013-10-16 20:47:53 +00:00
bzrmirror%bugzilla.org
ced7a0a876 Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing total entropy and allowing easier brute force 
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265057 18797224-902f-48f8-a5cc-f745e15eee43
 2013-10-16 17:01:24 +00:00
bzrmirror%bugzilla.org
8dc631e917 Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy and allowing easier brute force 
r=LpSolit,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265056 18797224-902f-48f8-a5cc-f745e15eee43
 2013-10-16 16:57:35 +00:00
mkanat%bugzilla.org
2e42bbc302 Bug 880653 - Add POD for Bug.possible_duplicates webservice 
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264906 18797224-902f-48f8-a5cc-f745e15eee43
 2013-07-24 14:31:00 +00:00
mkanat%bugzilla.org
152b15ae2e Bug 787328 - xmlrpc.cgi doesn't send any security-related headers 
r=glob,a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264890 18797224-902f-48f8-a5cc-f745e15eee43
 2013-07-15 04:01:28 +00:00
mkanat%bugzilla.org
1e733a2646 Bug 861528: $user->can_enter_product() now returns the product object instead of 1 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264830 18797224-902f-48f8-a5cc-f745e15eee43
 2013-04-15 21:31:43 +00:00
mkanat%bugzilla.org
3c0f998ba7 Bug 854074: Remove all references to the uwinnipeg.ca PPM repository as it is no longer available 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264808 18797224-902f-48f8-a5cc-f745e15eee43
 2013-03-26 11:15:58 +00:00
mkanat%bugzilla.org
07e4f1d919 Bug 852560: Bugzilla cannot be installed with MySQL 5.6, because the have_innodb variable no longer exists 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264804 18797224-902f-48f8-a5cc-f745e15eee43
 2013-03-20 12:16:19 +00:00
mkanat%bugzilla.org
dbb3885b9d Bump version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264779 18797224-902f-48f8-a5cc-f745e15eee43
 2013-02-20 01:30:38 +00:00
mkanat%bugzilla.org
4923e4f9d5 Bump version to 4.0.10 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264771 18797224-902f-48f8-a5cc-f745e15eee43
 2013-02-19 17:45:54 +00:00
mkanat%bugzilla.org
91f1886684 Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264770 18797224-902f-48f8-a5cc-f745e15eee43
 2013-02-19 17:33:12 +00:00
mkanat%bugzilla.org
388ddeef0f Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and components you cannot access 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264769 18797224-902f-48f8-a5cc-f745e15eee43
 2013-02-19 17:32:38 +00:00
mkanat%bugzilla.org
7f9982c216 Bug 771100: Attaching a file to a bug with Perl 5.16 fails 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264658 18797224-902f-48f8-a5cc-f745e15eee43
 2013-01-21 12:45:38 +00:00
mkanat%bugzilla.org
7da4afeb09 Bug 826678: Disable warnings about the deprecated Return::Value module when loading Email::Send 
r=wicked a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264623 18797224-902f-48f8-a5cc-f745e15eee43
 2013-01-05 23:31:21 +00:00
mkanat%bugzilla.org
0fdd0dece1 Bug 579189 - New methods added to Bugzilla/User.pm by bug 24896 have no POD 
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264496 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-29 19:30:43 +00:00
mkanat%bugzilla.org
19a66c4673 Bug 640756 - Make the documentation clearer that attachments created with Bug.add_attachment must by of type 'base64' when non-ASCII 
.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264470 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-20 19:16:20 +00:00
mkanat%bugzilla.org
a2c550384f Bump version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264435 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-13 23:31:18 +00:00
mkanat%bugzilla.org
00a140e827 Bump version to 4.0.9 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264429 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-13 20:00:41 +00:00
mkanat%bugzilla.org
636fa6afe1 Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups when using User.get() 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264425 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-13 17:46:24 +00:00
mkanat%bugzilla.org
dd21d3d7d3 Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see as obsolete can disclose its description 
r=gerv a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264424 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-13 17:31:57 +00:00
mkanat%bugzilla.org
3fe95ece18 Fix typo 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264399 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-02 13:03:22 +00:00
mkanat%bugzilla.org
d87638b2e2 Bug 807937: Fix POD 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264398 18797224-902f-48f8-a5cc-f745e15eee43
 2012-11-02 13:02:41 +00:00
mkanat%bugzilla.org
ae0d2cb19e Fix typo 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264338 18797224-902f-48f8-a5cc-f745e15eee43
 2012-10-13 21:31:56 +00:00
mkanat%bugzilla.org
8a1f56d99a Bumped version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264186 18797224-902f-48f8-a5cc-f745e15eee43
 2012-08-30 20:32:17 +00:00
mkanat%bugzilla.org
ddca5da73e Bump version to 4.0.8 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264182 18797224-902f-48f8-a5cc-f745e15eee43
 2012-08-30 19:16:21 +00:00
mkanat%bugzilla.org
6e111ef217 Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can lead to LDAP injection 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264179 18797224-902f-48f8-a5cc-f745e15eee43
 2012-08-30 18:33:26 +00:00
mkanat%bugzilla.org
72066c1233 Bug 682317 - Bug.create is incorrectly documented as ignoring invalid fields; it should say it produces an error 
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264114 18797224-902f-48f8-a5cc-f745e15eee43
 2012-08-03 17:01:30 +00:00
mkanat%bugzilla.org
752dc36b8f Bumped version post release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264081 18797224-902f-48f8-a5cc-f745e15eee43
 2012-07-26 23:01:15 +00:00
mkanat%bugzilla.org
2e174ba9dd Bump version to 4.0.7 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264077 18797224-902f-48f8-a5cc-f745e15eee43
 2012-07-26 21:45:41 +00:00
mkanat%bugzilla.org
5902c5d0cb Bug 777586: (CVE-2012-1969) [SECURITY] The description of private attachments is still visible to unauthorized users when mentioned in a comment 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264073 18797224-902f-48f8-a5cc-f745e15eee43
 2012-07-26 21:16:55 +00:00
mkanat%bugzilla.org
3869f341e1 Bug 776103 - Syntax error in Bugzilla::User::Setting API doc 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264065 18797224-902f-48f8-a5cc-f745e15eee43
 2012-07-25 21:46:57 +00:00
mkanat%bugzilla.org
179912ff95 Bumping the version post-release 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263718 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-18 22:33:02 +00:00
mkanat%bugzilla.org
92ca787774 Bump version to 4.0.6 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263713 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-18 18:01:39 +00:00