the following changes have been pushed to bugzilla.mozilla.org:
-  The size check for input<select>s on show_bug.cgi doesn’t take into account is_active</select>
-  GET REST calls should allow arbitrary URL parameters to be passed in addition the values in the path
-  add the ability for administrators to limit the number of emails sent to a user per minute and hour
-  bugmail failing with “utf8 “\x82″ does not map to Unicode at /usr/lib64/perl5/Encode.pm line 174”
-  Login form lacks CSRF protection
-  Use of uninitialized value in string ne warnings from BugmailFilter extensiom
-  create a bugzilla template for whitelist applications
-  Sort by vote isn’t sorting correctly
note: there was an issue with sending of encrypted email to recipients with s/mime keys. this resulted in a large backlog of emails which was cleared following today’s push.
discuss these changes on mozilla.tools.bmo.