Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Mozilla/mozilla/webtools/bugzilla/Bugzilla
History
mkanat%bugzilla.org d21ff6ea40 Bug 718319: (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required) 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263341 18797224-902f-48f8-a5cc-f745e15eee43
2012-01-31 16:16:56 +00:00
..
Attachment
Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause XSS on this domain in IE 6-8 and Safari
2011-08-04 20:49:57 +00:00
Auth
Bug 604522: t/012throwables.t doesn't catch new user errors correctly
2010-10-15 00:21:59 +00:00
Config
Bug 685552 - Email auto-completion causes server to thrash
2011-10-24 22:19:56 +00:00
DB
Bug 550299: User fields are left blank in buglists and whines when local user accounts are used (i.e. they have no @company.com suffix)
2011-12-06 12:04:13 +00:00
Field
Bug 577054: ChoiceInterface was denying the deletion of any value if
2010-07-23 01:49:27 +00:00
Install
Bug 678772: version.pm 0.92 and newer forbids negative values, making checksetup.pl to fail
2011-08-16 01:49:56 +00:00
Job
Bug 515606: Fix the arguments of Bugzilla::Job::Mailer->retry_delay--it's actually a class method, not just a subroutine
2009-09-10 23:47:27 +00:00
JobQueue
Bug 563641: Make bugzilla-queue init script support SuSE
2010-05-19 17:31:36 +00:00
Migrate
Bug 486292: Change the default workflow to UNCONFIRMED, CONFIRMED,
2010-07-06 00:47:25 +00:00
Search
Allow extensions to alter quicksearch terms and search format. r=mkanat.
2011-01-27 13:03:40 +00:00
Template
Bug 508823: Make it so that you don't ever have to reset template_inner (like
2010-03-01 01:46:32 +00:00
User
Bug 646209: Offer "UTC" as a timezone option in General Preferences
2011-04-05 00:20:02 +00:00
WebService
Bug 718319: (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required)
2012-01-31 16:16:56 +00:00
Whine
Bug 572602: Change the way that Bugzilla::Object determines what fields
2010-06-24 00:47:53 +00:00
Attachment.pm
Bug 677187: If the attachment filename contains a newline, an error is thrown when trying to download the attachment
2011-08-10 00:01:23 +00:00
Auth.pm
Bug 707594: Fix broken account lockout notifications
2011-12-05 16:48:52 +00:00
Bug.pm
Bug 654496: Duplicate bug detection doesn't work when using Oracle
2011-08-16 01:48:50 +00:00
BugMail.pm
Bug 643910: Email notifications from a blocked bug have the timestamp from its last change instead of the timestamp of the blocker
2011-04-27 22:02:18 +00:00
CGI.pm
Bug 652625 - Empty queries still get run because the list_id parameter is added to them
2011-05-04 22:03:57 +00:00
Chart.pm
Bug 697699 - (CVE-2011-3657) [SECURITY] XSS when viewing new charts or tabular and graphical reports in debug mode
2011-12-28 22:03:37 +00:00
Classification.pm
Bug 514618: Allow restricting the visibility and values of fields by
2010-07-05 22:02:05 +00:00
Comment.pm
Bug 556422: Move the existing bug-moving functionality into an extension
2010-06-18 21:16:53 +00:00
Component.pm
Bug 553266: config.cgi?ctype=rdf spends most of its time loading flagtypes from the database
2010-10-20 00:48:51 +00:00
Config.pm
Bug 434801: [SECURITY] .htaccess doesn't prevent reading old-params.txt from the web - Patch by Reed Loden <reed@reedloden.com> r=mkanat a=LpSolit
2010-02-01 00:50:15 +00:00
Constants.pm
Bump the version number post-release
2011-12-29 18:03:54 +00:00
DB.pm
Bug 550299: User fields are left blank in buglists and whines when local user accounts are used (i.e. they have no @company.com suffix)
2011-12-06 12:04:13 +00:00
Error.pm
Bug 574879: Create a test that assures the correctness of Search.pm's
2010-07-07 21:47:00 +00:00
Extension.pm
Document how to add user settings. r,a=mkanat.
2011-01-05 17:03:49 +00:00
Field.pm
Bug 583287: Some fields should not be displayed in bugmail for new bugs
2010-08-02 23:21:13 +00:00
Flag.pm
Bug 652165: Flagmails have a wrong Date: value
2011-04-23 17:26:03 +00:00
FlagType.pm
Bug 553266: config.cgi?ctype=rdf spends most of its time loading flagtypes from the database
2010-10-20 00:48:51 +00:00
Group.pm
Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when creating or editing a bug
2011-08-04 20:17:35 +00:00
Hook.pm
Bug 468375: Add example code for hooks that were missing it.
2011-04-05 00:06:29 +00:00
Install.pm
Bug 577956: Bugs which were never confirmed cannot be reopened as UNCONFIRMED
2010-08-01 23:37:33 +00:00
JobQueue.pm
Bug 530270: Whining fails if mail queueing is enabled - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
2009-11-22 22:26:04 +00:00
Keyword.pm
Bug 572602: Change the way that Bugzilla::Object determines what fields
2010-06-24 00:47:53 +00:00
Mailer.pm
Bug 600230 - Add a unique Message-ID to all outgoing e-mails.
2010-10-26 21:21:25 +00:00
Migrate.pm
Bug 682203 - migrate.pl fails at requirements check.
2011-08-31 13:32:51 +00:00
Milestone.pm
Bug 572602: Change the way that Bugzilla::Object determines what fields
2010-06-24 00:47:53 +00:00
Object.pm
Bug 587793: Add a new "object_end_of_create" hook so that extensions can
2010-09-01 23:06:21 +00:00
Product.pm
Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when creating or editing a bug
2011-08-04 20:17:35 +00:00
Search.pm
Bug 550299: User fields are left blank in buglists and whines when local user accounts are used (i.e. they have no @company.com suffix)
2011-12-06 12:04:13 +00:00
Series.pm
Bug 577089: Make convert-workflow fix the query values for series
2010-07-08 00:33:57 +00:00
Status.pm
Bug 486292: Change the default workflow to UNCONFIRMED, CONFIRMED,
2010-07-06 00:47:25 +00:00
Template.pm
Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment containing newline are corrupt
2011-08-04 19:32:30 +00:00
Token.pm
Bug 508823: Make it so that you don't ever have to reset template_inner (like
2010-03-01 01:46:32 +00:00
Update.pm
fix bustage in 012throwables.t
2010-02-20 21:16:19 +00:00
User.pm
Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
2011-12-28 22:21:31 +00:00
Util.pm
Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email addresses, which could allow an attacker to be CC'ed to private bugs by accident
2012-01-31 15:48:18 +00:00
Version.pm
Bug 572602: Change the way that Bugzilla::Object determines what fields
2010-06-24 00:47:53 +00:00
WebService.pm
Bug 579514: Make Bug.attachments also return attachment data
2010-07-20 22:03:21 +00:00
Whine.pm
Bug 530468: Create a read-only Bugzilla::Whine object for whine events and
2010-07-06 00:31:45 +00:00