7766 Commits

Author SHA1 Message Date
bzrmirror%bugzilla.org
70d1c471c4 Bump version to 4.0.11
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265063 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 20:47:53 +00:00
bzrmirror%bugzilla.org
3a52cc32a7 Bug 924802: (CVE-2013-1742) [SECURITY] (XSS) "id" and "sortkey" are not sanitized when editing flag types if categoryAction-foo is set
r=dkl a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265061 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 17:33:13 +00:00
bzrmirror%bugzilla.org
b8daed2326 Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachments
r=dkl a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265060 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 17:29:09 +00:00
bzrmirror%bugzilla.org
a837536af3 Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy and allowing easier brute force
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265058 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 17:03:59 +00:00
bzrmirror%bugzilla.org
ced7a0a876 Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing total entropy and allowing easier brute force
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265057 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 17:01:24 +00:00
bzrmirror%bugzilla.org
8dc631e917 Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy and allowing easier brute force
r=LpSolit,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265056 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 16:57:35 +00:00
bzrmirror%bugzilla.org
92af6088cd Bug 912639: Release notes for Bugzilla 4.0.11
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265051 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-11 22:15:49 +00:00
mkanat%bugzilla.org
f59e01f234 Bug 902515: Internet Explorer 11 receives multipart/x-mixed-replace content from buglist.cgi
r=dkl a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264927 18797224-902f-48f8-a5cc-f745e15eee43
2013-08-09 09:47:58 +00:00
mkanat%bugzilla.org
dfcc944b14 Bug 901620 - Grammar error in the documentation
r=sgreen, a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264925 18797224-902f-48f8-a5cc-f745e15eee43
2013-08-07 05:30:58 +00:00
mkanat%bugzilla.org
2e42bbc302 Bug 880653 - Add POD for Bug.possible_duplicates webservice
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264906 18797224-902f-48f8-a5cc-f745e15eee43
2013-07-24 14:31:00 +00:00
mkanat%bugzilla.org
152b15ae2e Bug 787328 - xmlrpc.cgi doesn't send any security-related headers
r=glob,a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264890 18797224-902f-48f8-a5cc-f745e15eee43
2013-07-15 04:01:28 +00:00
mkanat%bugzilla.org
1e733a2646 Bug 861528: $user->can_enter_product() now returns the product object instead of 1
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264830 18797224-902f-48f8-a5cc-f745e15eee43
2013-04-15 21:31:43 +00:00
mkanat%bugzilla.org
15488a3014 Bug 355620: Lines enclosed in <simplelist> do not wrap in the PDF version of the Bugzilla Guide
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264821 18797224-902f-48f8-a5cc-f745e15eee43
2013-04-09 10:30:44 +00:00
mkanat%bugzilla.org
3c0f998ba7 Bug 854074: Remove all references to the uwinnipeg.ca PPM repository as it is no longer available
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264808 18797224-902f-48f8-a5cc-f745e15eee43
2013-03-26 11:15:58 +00:00
mkanat%bugzilla.org
07e4f1d919 Bug 852560: Bugzilla cannot be installed with MySQL 5.6, because the have_innodb variable no longer exists
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264804 18797224-902f-48f8-a5cc-f745e15eee43
2013-03-20 12:16:19 +00:00
mkanat%bugzilla.org
dbb3885b9d Bump version post-release
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264779 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-20 01:30:38 +00:00
mkanat%bugzilla.org
420ec93017 Bumped current year
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264777 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 18:46:34 +00:00
mkanat%bugzilla.org
4923e4f9d5 Bump version to 4.0.10
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264771 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 17:45:54 +00:00
mkanat%bugzilla.org
91f1886684 Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264770 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 17:33:12 +00:00
mkanat%bugzilla.org
388ddeef0f Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and components you cannot access
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264769 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 17:32:38 +00:00
mkanat%bugzilla.org
5ba6e8c08c Bug 832265: Release notes for Bugzilla 4.0.10
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264761 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-19 09:01:02 +00:00
mkanat%bugzilla.org
7f9982c216 Bug 771100: Attaching a file to a bug with Perl 5.16 fails
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264658 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-21 12:45:38 +00:00
mkanat%bugzilla.org
7da4afeb09 Bug 826678: Disable warnings about the deprecated Return::Value module when loading Email::Send
r=wicked a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264623 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-05 23:31:21 +00:00
mkanat%bugzilla.org
f508951d09 Bug 824616: The urlbase field in global/header.html.tmpl must be filtered
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264619 18797224-902f-48f8-a5cc-f745e15eee43
2013-01-03 12:31:28 +00:00
mkanat%bugzilla.org
0fdd0dece1 Bug 579189 - New methods added to Bugzilla/User.pm by bug 24896 have no POD
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264496 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-29 19:30:43 +00:00
mkanat%bugzilla.org
19a66c4673 Bug 640756 - Make the documentation clearer that attachments created with Bug.add_attachment must be of type 'base64' when non-ASCII.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264470 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-20 19:16:20 +00:00
mkanat%bugzilla.org
a2c550384f Bump version post-release
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264435 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 23:31:18 +00:00
mkanat%bugzilla.org
00a140e827 Bump version to 4.0.9
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264429 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 20:00:41 +00:00
mkanat%bugzilla.org
e842ff1c8b Bug 808845 (CVE-2012-5475): [SECURITY] Security vulnerability in YUI's swfstore.swf in YUI 2.8.2 and 2.9.0
a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264426 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 17:47:01 +00:00
mkanat%bugzilla.org
636fa6afe1 Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups when using User.get()
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264425 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 17:46:24 +00:00
mkanat%bugzilla.org
dd21d3d7d3 Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see as obsolete can disclose its description
r=gerv a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264424 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 17:31:57 +00:00
mkanat%bugzilla.org
50c5bda19d Bug 731178 (CVE-2012-4199): [SECURITY] field-events.js.tmpl discloses product and component names that the user is not allowed to see
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264423 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 17:16:56 +00:00
mkanat%bugzilla.org
3fe95ece18 Fix typo
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264399 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-02 13:03:22 +00:00
mkanat%bugzilla.org
d87638b2e2 Bug 807937: Fix POD
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264398 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-02 13:02:41 +00:00
mkanat%bugzilla.org
06d7430968 Bug 805649: Release notes for Bugzilla 4.0.9
r=dkl


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264391 18797224-902f-48f8-a5cc-f745e15eee43
2012-10-30 21:30:43 +00:00
mkanat%bugzilla.org
ae0d2cb19e Fix typo
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264338 18797224-902f-48f8-a5cc-f745e15eee43
2012-10-13 21:31:56 +00:00
mkanat%bugzilla.org
e42aec1148 Bug 790909: Editing dependencies from the "Change Several Bugs at Once" page does not work as expected (bug IDs are incorrectly parsed)
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264300 18797224-902f-48f8-a5cc-f745e15eee43
2012-10-04 16:02:22 +00:00
mkanat%bugzilla.org
6e74e81608 Bug 757935: Bugs with resolution MOVED cannot be edited
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264289 18797224-902f-48f8-a5cc-f745e15eee43
2012-10-03 17:46:25 +00:00
mkanat%bugzilla.org
f1d58bbf00 Bug 790215 - Flag names are not properly escaped when displayed on confirm user match page
[r=LpSolit a=LpSolit]


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264212 18797224-902f-48f8-a5cc-f745e15eee43
2012-09-11 19:29:05 +00:00
mkanat%bugzilla.org
8a1f56d99a Bumped version post-release
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264186 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-30 20:32:17 +00:00
mkanat%bugzilla.org
ddca5da73e Bump version to 4.0.8
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264182 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-30 19:16:21 +00:00
mkanat%bugzilla.org
6e111ef217 Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can lead to LDAP injection
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264179 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-30 18:33:26 +00:00
mkanat%bugzilla.org
df4ee7c380 Bug 785522: [SECURITY] Block access to templates in extensions/
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264178 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-30 18:32:13 +00:00
mkanat%bugzilla.org
3052af6d3b Bug 786352: Release notes for Bugzilla 4.0.8
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264172 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-29 14:47:48 +00:00
mkanat%bugzilla.org
5698f83886 Bug 785917: Custom field descriptions are not properly escaped when displayed as bug list column headers
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264161 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-27 18:32:07 +00:00
mkanat%bugzilla.org
72066c1233 Bug 682317 - Bug.create is incorrectly documented as ignoring invalid fields; it should say it produces an error
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264114 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-03 17:01:30 +00:00
mkanat%bugzilla.org
752dc36b8f Bumped version post release
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264081 18797224-902f-48f8-a5cc-f745e15eee43
2012-07-26 23:01:15 +00:00
mkanat%bugzilla.org
2e174ba9dd Bump version to 4.0.7
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264077 18797224-902f-48f8-a5cc-f745e15eee43
2012-07-26 21:45:41 +00:00
mkanat%bugzilla.org
5902c5d0cb Bug 777586: (CVE-2012-1969) [SECURITY] The description of private attachments is still visible to unauthorized users when mentioned in a comment
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264073 18797224-902f-48f8-a5cc-f745e15eee43
2012-07-26 21:16:55 +00:00
mkanat%bugzilla.org
db54375ddd Bug 777675: Release notes for Bugzilla 4.0.7
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264067 18797224-902f-48f8-a5cc-f745e15eee43
2012-07-26 14:00:44 +00:00