Archive | March 2016

Happy BMO Push Day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1251236] Please show the diff on the attachment details page when a patch has been reviewed in MozReview
  • [1259266] Private attachments when viewing a bug are indistinguishable from any other attachment.
  • [1253718] CRM/Email request form

discuss these changes on mozilla.tools.bmo.

Advertisements

Happy BMO Push Day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1251442] Update VP list in Recruiting Product
  • [1256954] Multiple Selenium cases are failing after the commit of bug 1253914
  • [1252782] can’t add a “See Also” to a Chromium bug on bugs.chromium.org
  • [1258547] XSS through javascript: callback URLs in auth delegation

discuss these changes on mozilla.tools.bmo.

Happy BMO Push Day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1255272] Adding a flag via the MozReview batch-attachment API doesn’t CC the user
  • [1229834] extend information we [audit] log to the syslog

discuss these changes on mozilla.tools.bmo.

Happy BMO Push Day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1253483] MozReview.attachments() doesn’t create flags on new attachments
  • [1254542] Reflected XSS in comment-remo-form-payment.txt page
  • [1254675] bug_modal template fails to escape format parameter
  • [1254227] MozReview auth delegation allows sending out phishing mails via Bugzilla
  • [1253914] Cross domain referer leakage when resetting the user password
  • [1252578] CSRF and SELECT-only SQL execution attack against query_database.html

discuss these changes on mozilla.tools.bmo.

Happy BMO Push Day!

the following changes have been pushed to bugzilla.mozilla.org:

  • [1252628] 404 on https://www.mozilla.org/en-US/quality/bug-writing-guidelines.html
  • [1253032] Recent change to JSON::XS breaks some APIs
  • [1252735] test_email_preferences.t selenium test is intermittently failing
  • [1252862] Remove calls to delete_token() in several places where it is unnecessary
  • [1252084] Warning when entering row into user_request_log when running commandline script
  • [1253691] issue-api-key.pl needs to take an app_id as well
  • [1251442] Update VP list in Recruiting Product
  • [1252445] Tracking flags configuration is vulnerable to CSRF and causes persistent XSS
  • [1252554] Avoid possibility of XSS in release tracking report

discuss these changes on mozilla.tools.bmo.