Fix for bug 121735: Perl warning running checksetup.pl if a module has a
non-numeric version number. Patch sets checksetup.pl to use a string
compare instead of a numeric one.
Patch by Dave Miller. r1=Bradley Baetz and r2=Gerv
jake%acutex.net [Mon, 21 Jan 2002 21:39:54 +0000 (21:39 +0000)]
Bug 113438 - The DTD from Bugzilla's XML output was not correct, so any attempts to validate the output were futile.
Patch by Jan <tamino_xml@yahoo.com>
r= jake
Fix for bug 99608: dependency mails are no longer sent if the dependent bug can't be seen by the would-be recipient of the email.
Patch by Jake Steenhagen and David Kilzer
r= gerv, justdave
Additional fix for bug 112914: "Test should not `cat $file`" Previous
patch fixed the problem, but this patch stops once it finds strict so
it will not take as long to run.
Patch by ddkilzer@theracingworld.com. R=zach@zachlipton.com though review
is not required for tests.
myk%mozilla.org [Fri, 11 Jan 2002 05:47:04 +0000 (05:47 +0000)]
Fix for bug 113383: Add a link to the dependent bug in emails about a dependent bug changing state.
Patch by Myk Melez <myk@mozilla.org>.
r=caillon,jake
jake%acutex.net [Sat, 5 Jan 2002 00:04:09 +0000 (00:04 +0000)]
Bug 112914 - This test was relying on the existance of the unix "cat" command instead of using perl's standard open() function. This caused a test failed when running the tinderbox script on win32.
SECURITY FIX for bug 109679: It was possible to send arbitrary SQL to buglist.cgi by altering the HTML form before submitting.
Patch by Dave Miller <justdave@syndicomm.com>
r= dkl, gerv
jake%acutex.net [Tue, 25 Dec 2001 06:24:35 +0000 (06:24 +0000)]
Re-fixing bug 37339 - Checking an undefined variable for a specific value didn't work in Netscape 4 (and was probably a strict warning everywhere else).
Fix by Christian Reis <kiko@async.com.br>
r= afranke, jake
Fix for bug 113646, midair when changing assignee gives error. Fix changes sub trim() in globals.pl not to use $_ so as not to conflict with $_ values allready
set.
Fix for bug 102487: If you had "comment on product change required" turned on in your installation, Bugzilla would warn you of
a forgotten comment AFTER allowing you to choose new components, versions, and milestones, forcing you to hit your back button
TWICE to correct your mistake. This checkin corrects that.
Patch by David Kilzer <ddkilzer@theracingworld.com>
r= caillon, gerv
jake%acutex.net [Thu, 13 Dec 2001 06:41:04 +0000 (06:41 +0000)]
Bug 37339 and Bug 80183 - Adding a sidebar.cgi and index.cgi. The sidebar.cgi can currently be used in Mozilla/Netscape 6 and uses XUL that was originally written by Scott Collins <scc@mozilla.org>. The index.cgi displays both the proper header and footer in the appropriate places. It also changes the links accoding to if you are logged in or not.
r= ddk, kiko
Re-fix for bug 102141: The prior checkin on this bug caused an error if you could only see one product and you tried to
change a bug.
Fix by David Kilzer <ddk@theracingworld.com>
r= justdave, bbaetz
SECURITY FIX bug 54901: If you were using LDAP authentication it would let you log in as anyone if you left the password
blank.
Patch by David Crowe <crow@waveset.com>
r= jmrobins, justdave
jake%acutex.net [Tue, 27 Nov 2001 23:04:52 +0000 (23:04 +0000)]
Bug 108312 - The mid-air collision page was only showing the most recent changes if two people comitted changes to a bug while you were viewing it.
r=louie, myk
myk%mozilla.org [Tue, 27 Nov 2001 08:49:26 +0000 (08:49 +0000)]
Fix for bug 109802: Make it clear how to enter mysql passwords with special characters into localconfig.
Patch by Dave Miller <justdave@syndicomm.com>.
r=ddkilzer,louie.
myk%mozilla.org [Tue, 27 Nov 2001 07:29:29 +0000 (07:29 +0000)]
Fix for bug 101875: Put the product column before the component column rather than after.
Patch by Paul Baker <pbaker@where2getit.com>.
Low risk, r=myk, no second review needed.
Fix for bug 102141: SECURITY FIX - the Product popup menu on the show_bug form listed all products, even if the user didn't
have access to all of them. It now only shows products the user has access to (and the product the bug is in, if the user is
viewing it because of some other override)
Patch by George Hotelling <george.hotelling@iconideas.com> and Dave Miller <justdave@syndicomm.com>
r= bbaetz, caillon
Removed references to bugzilla.mozilla.org so we can avoid
spurious bug postings. However, this file will need some significant
treatment for 2.16 release since the query.cgi interface has changed.
Initial conversion to XML format from SGML.
Note this is a work-in-progress. It compiles cleanly, but I am not yet
submitting compiled HTML and text.
There is one notable problem: nsgmls barfs on the <imagedata> tag in
database.sgml during validation. openjade handles it fine. Weird.
myk%mozilla.org [Tue, 20 Nov 2001 10:59:55 +0000 (10:59 +0000)]
Fix for bug 109240: fixes the regression that changed the way comments regarding attachment creation are formatted.
Patch by Jake <jake@acutex.net>.
r=myk@mozilla.org, no second review needed.
Fix for bug 107120, templates/default/global/header has invalid HTML.
Patch removes a <meta> tag as per bug 38856.
Patch by David D. Kilzer <mailto:ddkilzer@theracingworld.com>.
r1=Christopher Aillon <mailto:caillon@returnzero.com>. No 2nd review
required as per caillon.
Moving a comment to the right place, in order to be able to make a comment about my previous check in that accidentally got checked in without a comment, and hence didn't show up on Tinderbox I think.
It was a change to CGI.pl, a fix for bug 105812: Rename "Components" link in sub GetCommandMenu() to "Products".
The patch was by James A Laska <jlaska@us.ibm.com>.
Fix for bug 100788: enter_bug.cgi wasn't correctly interpretting whether or not a partial URL needed an http:// added to the
front of it, which had the side-effect of duplicating the http:// on the front when a URL was passed from Bugzilla Helper.
Patch by Josh Soref <timeless@mac.com>
r= justdave, caillon
Fix for bug 109354: After entering a new bug, the link offering to add an attachment to the bug you just created pointed at
the old attachment form instead of the new one.
Patch by Josh Soref <timeless@mac.com>
r= myk x2
Fix for bug 107120: templates/default/global/header was generating HTML that wouldn't validate as HTML 4.01 Transitional
Patch by Dave Miller <justdave@syndicomm.com>
r= jake, bbaetz
Fix for bug 92500: line-feeds were not being properly converted when submitting parameter changes with some Mac browsers.
Patch by Gervase Markham <gerv@mozilla.org>
r= ddk, justdave
Fix for bug 102487: If admin has set preferences to require a comment on a product/component change, prompt the user that they
forgot to comment first, before prompting for component, milestone, and version for new product.
Patch by Garvase Markham <gerv@mozilla.org>
r= kiko, ddk
jake%acutex.net [Wed, 14 Nov 2001 11:44:07 +0000 (11:44 +0000)]
We don't really need to look for fragments that are pulled in by [% INCLUDE %] or [% PROCESS %]. While removing this code bit doesn't allow us to seperatly check that those fragments exist and compile, they'll be checked atomatically when the the template that wants them is run through the process() routine by the 004template.t test. This issue was raised because bug 98707 introduced a [% BLOCK %] element and the syntax for using that is the same as for including a template fragment.
jake%acutex.net [Mon, 12 Nov 2001 21:43:59 +0000 (21:43 +0000)]
Fix for bug 86300 - If a bug didn't exist and GetBugLink() tried to create a tooltip for it, you'd get uninitialized variables warnings in your error log. This path also introduces a cache so if the same bug # is mentioned more than once during the same running of the script, it only has to query the database once.
r= mattyt, gerv
Fix for bug 99519: timestamps were not being set correctly in the activity table in some situations, and the delta_ts on the
bug itself was not always being updated if dependencies or CCs changed.
Patch by Dave Miller <justdave@syndicomm.com>
r= bbaetz, jake
myk%mozilla.org [Thu, 8 Nov 2001 10:43:55 +0000 (10:43 +0000)]
Fix for bug 104652: Duplicate bugs in the dependency tree now get marked with the message "This bug appears elsewhere in this tree." so users know why the bug does not appear to have dependencies.
Patch by Gerv <gerv@mozilla.org>.
r=jake@acutex.net,myk@mozilla.org
myk%mozilla.org [Thu, 8 Nov 2001 08:52:13 +0000 (08:52 +0000)]
Fix for bug 108821: Prevent users with any blessgroupset privileges from blessing any group set.
Patch by Jake <jake@acutex.net> and Bradley <bbaetz@cs.mcgill.ca>.
r=jake,myk for Bradley's portion, r=bbaetz,myk for Jake's portion.
Require (temporarily) mysql >= 3.23.5 for the ~ operator, needed for the
fix to bug 107718. This should be removed when the group stuff lands (bug
60822).
SECURITY FIX see bug 108385: Due to trusting of passed form fields that shouldn't have been trusted, it was possible to add a comment to a bug pretending to be someone else if you edited the HTML by hand before submitting. The bug form did not include the field in question, but due to legacy processing code, the field was still trusted if it was present.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake x2
SECURITY FIX see bug 108516: Due to trusting of passed form fields that shouldn't have been trusted, it was possible to file a
bug pretending to be someone else if you edited the HTML by hand before submitting.
Patch by Dave Miller <justdave@syndicomm.com>
r= bbaetz, jake
projects / thirdparty / bugzilla.git / log
