summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* Bug 1301887 - File::Slurp triggers warnings on perl 5.24 and it is recommende...Dylan William Hardison2017-06-191-9/+8
* Merge tag 'release-5.0.3' into bugstestChristian Ruppert2016-06-181-11/+12
|\
| * Bug 1259881 - CSV export vulnerable to formulae injection (again)Frédéric Buclin2016-04-251-3/+4
| * Bug 1234977: Replace \d+ by [0-9]+ in critical validation placesFrédéric Buclin2016-03-091-8/+8
* | Merge remote-tracking branch 'upstream/5.0' into bugstestRobin H. Johnson2015-12-281-0/+3
|\|
| * Bug 1232785 - [SECURITY] Buglists in CSV format can be parsed as valid javasc...Dylan Hardison2015-12-221-0/+3
* | Merge tag 'release-5.0.1' into bugstestChristian Ruppert2015-09-111-0/+11
|\|
| * Bug 1179160: The login form should not use type="email" when LDAP has LDAPmai...Frédéric Buclin2015-08-061-0/+11
| * Bug 1160598: url() in concatenated CSS files are incorrect when using Multipl...Frédéric Buclin2015-05-051-1/+1
| * Bug 1143871: Correctly preload bug data when viewing a bugFrédéric Buclin2015-04-051-8/+5
| * Bug 880282: Replace |FILTER no_break| by |class="nowrap"| to prevent dashes (...Frédéric Buclin2015-03-111-8/+0
| * Bug 1134743: javascript filter should escape uncode line and paragraph separa...Byron Jones2015-02-241-0/+2
| * Bug 399068: Remove the docs_urlbase parameter. r=LpSolit, a=glob.Gervase Markham2014-12-221-4/+32
| * Bug 1100368: css concatenation breaks data: urlsByron Jones2014-11-181-1/+3
| * Revert Bug 330707 - Add optional support for MarkDownDavid Lawrence2014-11-041-25/+5
| * Bug 1083081 - javascript concatenation should insert a semicolon between filesDylan William Hardison2014-10-271-1/+1
| * Bug 1059723: Reply button should become AJAX-basedKoosha KM2014-10-141-5/+7
| * Bug 1054702: CSV export vulnerable to formulae injectionSimon Green2014-10-061-1/+3
| * Bug 1072110: _concatenate_js assumes javascript_urls is an arrayByron Jones2014-09-261-1/+2
| * Bug 1064395: concatenate and slightly minify javascript filesByron Jones2014-09-181-1/+50
| * Bug 1064933: Bugzilla.pm does not compile without Text::MarkdownKoosha KM2014-09-111-2/+3
| * Bug 330707: Add optional support for MarkDownKoosha KM2014-08-281-0/+17
| * Bug 1054642: quoteUrls() enters an infinite loop with a list of nonexistent b...Koosha KM2014-08-251-13/+8
| * Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modulesFrédéric Buclin2014-08-131-0/+1
| * Bug 897915 - Field lists not sorted alphabeticallySimon Green2014-08-101-0/+15
| * Bug 726696 - All authenticated WebServices methods should require username/pa...Simon Green2014-07-271-0/+6
| * Bug 1028795: pre-load all related bugs during show_bug initialisationByron Jones2014-07-031-5/+6
| * Bug 1020821 - Product drop down orders classifications alphabeticallySimon Green2014-07-021-0/+6
| * Bug 1013209: data/assets: empty generated css-fileByron Jones2014-05-301-1/+1
| * Bug 1016199: move skins/assets to data/assetsByron Jones2014-05-281-3/+3
| * fix mod_perl breakage caused by bug 977969Byron Jones2014-05-141-0/+1
| * Bug 977969: concatenate and slightly minify css filesByron Jones2014-05-141-12/+76
| * Bug 998323 - URLs pasted in comments are no longer displayedDavid Lawrence2014-04-181-14/+11
| * Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla textManish Goregaokar2014-04-171-0/+12
| * Bug 713926: (CVE-2014-1517) [SECURITY] Login form lacks CSRF protectionFrédéric Buclin2014-04-171-0/+5
| * Bug 956190 (part 3): Remove IE-fixes.css (Internet Explorer 7 and older are n...Frédéric Buclin2014-03-051-6/+4
| * Bug 978619 - Typo in Bugzilla/Template.pmMatt Selsky2014-03-041-1/+1
| * Bug 917669 - invalid or expired authentication tokens and cookies should thro...Dave Lawrence2013-09-261-4/+1
| * Bug 105865: Bugzilla should pay attention to linebreaks when linkifying bug I...Frédéric Buclin2013-08-151-13/+17
| * Remove debug codeFrédéric Buclin2013-07-251-1/+0
| * Bug 895309 - comments returned via the REST endpoint shouldn't be wrappedDave Lawrence2013-07-241-1/+3
| * Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an inva...Frédéric Buclin2013-02-191-5/+9
| * Bug 830467: Don't call _wanted_languages() when only one is availableFrédéric Buclin2013-01-171-8/+3
| * Bug 829939: Only build default_authorizer on requestFrédéric Buclin2013-01-141-1/+1
| * Bug 829709: Do not load CSS files from all skins by defaultFrédéric Buclin2013-01-141-36/+13
| * Bug 804343: Implement autolinkification for a list of comment idsKoosha Khajeh Moogahi2012-12-291-1/+15
| * Bug 787668: Use |use parent| instead of |use base|Matt Selsky2012-12-011-1/+1
| * Bug 816747 - Add dummy POD for unPODded methods.Marc Schumann2012-11-301-0/+26
| * Bug 811280: Adds a caching mechanism to Bugzilla::Object to avoid querying th...Byron Jones2012-11-221-3/+3
| * Bug 797636: Improve performance for buglistsFrédéric Buclin2012-11-161-3/+2