Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
213,812 Commits 3,986 Branches 0 Tags
Commit Graph

2123 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
f918cd5c73 Bug 777676: Release notes for Bugzilla 3.6.10 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@264068 18797224-902f-48f8-a5cc-f745e15eee43
 2012-07-26 14:01:21 +00:00
mkanat%bugzilla.org
bd106f6bf9 Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits attackers to access all bugs that the victim can see 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263712 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-18 17:08:02 +00:00
mkanat%bugzilla.org
283a9ced72 Bug 727892: Update relnotes for 3.6.9 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263700 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-17 19:16:48 +00:00
mkanat%bugzilla.org
fdbd0197c5 Bug 727892: Release notes for Bugzilla 3.6.9 
r=dkl


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263677 18797224-902f-48f8-a5cc-f745e15eee43
 2012-04-12 19:17:06 +00:00
mkanat%bugzilla.org
cb38f60950 Bug 718319: (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required) 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263342 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-31 16:19:08 +00:00
mkanat%bugzilla.org
4ca780e6c7 Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email addresses, which could allow an attacker to be CC'ed to private bugs by accident 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263340 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-31 16:08:48 +00:00
mkanat%bugzilla.org
98a4ae3979 Bug 720751 - Release notes for Bugzilla 3.6.8 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263323 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-27 22:17:57 +00:00
mkanat%bugzilla.org
823b470fa1 Bug 713344: Release notes for Bugzilla 3.6.7 
r=wicked a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@263194 18797224-902f-48f8-a5cc-f745e15eee43
 2011-12-26 10:47:51 +00:00
mkanat%bugzilla.org
9ed06e7b6e Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause XSS on this domain in IE 6-8 and Safari 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262585 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-04 20:49:57 +00:00
mkanat%bugzilla.org
a4c8ab1653 Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when creating or editing a bug 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262583 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-04 20:20:54 +00:00
mkanat%bugzilla.org
91d4f8b7b2 Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment containing newline are corrupt 
[r=glob a=LpSolit]


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262580 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-04 19:34:39 +00:00
mkanat%bugzilla.org
7a38fe66c0 Bug 675752: Release notes for Bugzilla 3.6.6 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262564 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-02 23:01:21 +00:00
mkanat%bugzilla.org
3b0e00fd3c Bug 653406: fix escaping of url vars in error messages 
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262270 18797224-902f-48f8-a5cc-f745e15eee43
 2011-04-29 05:49:35 +00:00
mkanat%bugzilla.org
4fca133da2 Bug 653274 - Release Notes for Bugzilla 3.6.5 
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@262251 18797224-902f-48f8-a5cc-f745e15eee43
 2011-04-28 00:29:58 +00:00
mkanat%bugzilla.org
cb351b6e88 Restore the missing link due to bug 490322 (thanks Selenium!) 
r=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261948 18797224-902f-48f8-a5cc-f745e15eee43
 2011-02-15 19:01:41 +00:00
mkanat%bugzilla.org
aff8064de6 Bug 490322: Make "allwords" work with the keywords field, again. 
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261942 18797224-902f-48f8-a5cc-f745e15eee43
 2011-02-15 05:48:11 +00:00
mkanat%bugzilla.org
87201dfd68 Bug 629007: Example in quicksearch priority shortcut is incorrect 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261879 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-31 23:05:07 +00:00
mkanat%bugzilla.org
96096b8378 The "simple format" of the duplicates table was broken by an improper backport 
using the "mtime" filter, which doesn't exist in 3.6.


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261831 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-25 05:31:41 +00:00
mkanat%bugzilla.org
cc59d868e7 Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness of 
generate_random_password, to protect against an account compromise issue
and other critical vulnerabilities.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261817 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 22:07:59 +00:00
mkanat%bugzilla.org
2d76acd475 Bug 621105 - [SECURITY] Voting lacks CSRF protection 
r=mkanat,a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261814 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 19:53:26 +00:00
mkanat%bugzilla.org
72a8e0036b Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace 
and

Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs

r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261813 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 18:53:58 +00:00
mkanat%bugzilla.org
7445e5472f Bug 621110: [SECURITY] Quips (adding/approving/deleting) lacks CSRF protection 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261806 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 17:38:25 +00:00
mkanat%bugzilla.org
58e7e4bff8 Bug 621108: [SECURITY] Creating/editing charts lacks CSRF protection 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261805 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 17:27:06 +00:00
mkanat%bugzilla.org
448e567c1e Bug 627923 - Release Notes for Bugzilla 3.6.4 
r=reed


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261799 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 04:23:23 +00:00
mkanat%bugzilla.org
6f7a3988b9 Bug 627854: Add 'form' hook to create-guided.html.tmpl similar to create.html.tmpl 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261785 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-21 21:50:19 +00:00
mkanat%bugzilla.org
e4db7a5241 Bug 623608 - Add intro/outro extension hooks to footer.html.tmpl 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261780 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-21 05:19:52 +00:00
mkanat%bugzilla.org
524773f812 Bug 255524: The duplicates table inherits no CSS classes when viewed in simple format 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261728 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-07 12:50:04 +00:00
mkanat%bugzilla.org
8c3d044ee9 Bug 622822 - add additional_links hook to front page. r,a=mkanat. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261707 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-05 10:50:18 +00:00
mkanat%bugzilla.org
c8d557f459 Bug 622105 - Misspelling in setting_info_invalid error message 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261703 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-30 17:03:17 +00:00
mkanat%bugzilla.org
2783edc189 Bug 610217: config.cgi?ctype=rdf should include product.allows_unconfirmed 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261566 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-14 19:24:51 +00:00
mkanat%bugzilla.org
d190424c2f Fix the 3.6 release notes to accurately describe the "form field longdesclength" 
fix.


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261519 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-03 02:46:39 +00:00
mkanat%bugzilla.org
8fa11a377c Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, and product names are viewable in graphs/ 
r=wurblzap a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261505 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-02 23:23:21 +00:00
mkanat%bugzilla.org
851f8aa427 Bug 608188 - Release Notes for Bugzilla 3.6.3 
r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261498 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-31 23:31:59 +00:00
mkanat%bugzilla.org
49d68e27fd Bug 607083: Improve the error message that install-module.pl prints when 
you specify an invalid CPAN module.
r=mkanat, a=mkanat (module owner)


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261462 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-26 21:21:24 +00:00
mkanat%bugzilla.org
d4caf8a025 Bug 605693: Make config.cgi?ctype=rdf faster 
r=timello a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261433 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-20 12:19:08 +00:00
mkanat%bugzilla.org
d5cba4863c Bug 604107: The link to delete the value 0 of custom fields is broken 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261405 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-15 01:20:24 +00:00
mkanat%bugzilla.org
4c82713caa Bug 575947: Users with passwords length less than 6 characters can't login after migration from 3.4.x or older to 3.6 or newer 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261395 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-14 00:53:22 +00:00
mkanat%bugzilla.org
5eddb510be Bug 595712: Return to bug page after login doesn't work with javascript disabled 
r=ghendricks a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261268 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-23 18:56:25 +00:00
mkanat%bugzilla.org
c7f51971b3 Add a missing "FILTER html" to the bug_url_invalid error message. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261254 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-19 00:18:37 +00:00
mkanat%bugzilla.org
3612b9c71c Bug 593170: Disallow urls like "show_bug.cgi?id=2323" (with no domain) in 
the See Also field.
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261246 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-18 23:57:24 +00:00
mkanat%bugzilla.org
df581530a7 Bug 577835: Improve the error message displayed when you put an invalid 
Bug URL into the See Also field.


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261234 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-18 23:23:43 +00:00
mkanat%bugzilla.org
5ed5bd13df Bug 595664: Maximum password length is hardcoded in the UI when editing user accounts 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261206 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-14 19:06:24 +00:00
mkanat%bugzilla.org
ee945ad281 Bug 596038: The before_table hook needs to be moved before tableheader 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261203 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-14 15:36:12 +00:00
mkanat%bugzilla.org
4fbe525f03 Bug 594038 - Add new hook 'end' in footer.html.tmpl 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261186 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-08 02:50:20 +00:00
mkanat%bugzilla.org
9a786dc3a6 Bug 591218 - Add missing 'longdesclength' form field to fix problem when receiving a mid-air after selecting "Submit only my new comment" on mid-air page. 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261115 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-28 08:51:22 +00:00
mkanat%bugzilla.org
f28c8c01b5 Bug 585852 - Fix error message for 'file_too_large' to not mention "non-patch attachments", as that distinction was removed in 3.6+. 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@261011 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-10 04:03:00 +00:00
mkanat%bugzilla.org
177ab529d8 s/where missing/were missing/ (no bug) 
[r=mkanat a=mkanat] (via IRC)


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@260995 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-06 06:19:25 +00:00
mkanat%bugzilla.org
592edff1b0 Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending email 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@260974 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-04 21:52:54 +00:00
mkanat%bugzilla.org
c23d2dd670 Bug 583649: Release Notes for Bugzilla 3.6.2 
r=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@260969 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-04 18:19:33 +00:00
mkanat%bugzilla.org
7802ffde77 Bug 581622: When a quicksearch includes the "content" field, it is limited to 200 bugs 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@260934 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-01 23:37:32 +00:00