BMO/Recent Changes/2016-10

2016-10-04

• bug 1305671 Bogus </a> after GitHub sign-in button
• bug 1297243 JSON bugzilla attachment reports charset= (two apostrophes, which is an invalid parameter value) and can't be loaded.
• bug 1305861 Error today in creating legal bugs from the Project Review form
• bug 1307294 Bump version of DBD::mysql
• bug 1035804 BzAPI compatibility layer bug query response takes 76s vs 6s for rest
• bug 1306589 BMO: CSRF vulnerability allows deleting admin queue entries

2016-10-11

• bug 1305647 Context menu hovered item is not highlighted.
• bug 1306908 OpenGraph extension doesn't escape URLs properly
• bug 1305684 Unclosed list in footer
• bug 1293689 Add utility method to Bugzilla::CGI for configuring CSP headers
• bug 1308333 Make #user-story work on the old UI
• bug 1305176 Populate Triage Leads field
• bug 1308032 Cache::Memcached::Fast from bugzilla bug 1189281 and bug 1274764

2016-10-11

• bug 1309229 changing product results in Insecure dependency in parameter 3 of DBI::db=HASH(0x7f4caad58190)->selectcol_arrayref method call while running with -T switch at /data/www/bugzilla.mozilla.org/Bugzilla/Product.pm line 555.

2016-10-12

• bug 1309278 Cache::Memcached::Fast returns tainted data if the key is tainted
• bug 1298932 Please create an IPC request form in Bugzilla

2016-10-18

• bug 1305457 product and component quick search does not work from describecomponents.cgi gives error if not logged in
• bug 1309649 Add longdescs.count to table of fields in the documentation for search.
• bug 1309487 include longdescs.count in result for /rest/bug
• bug 1309737 Add User-Agent to the Access-Control-Allow-Headers header
• bug 1308949 Keep MYMETA.json up-to-date when checksetup is run

2016-10-25

• bug 1310747 SSRF