diff --git a/Bugzilla/Config/Attachment.pm b/Bugzilla/Config/Attachment.pm
index e5885fed2..42c5c2538 100644
--- a/Bugzilla/Config/Attachment.pm
+++ b/Bugzilla/Config/Attachment.pm
@@ -76,7 +76,7 @@ sub get_param_list {
name => 'maxattachmentsize',
type => 't',
default => '1000',
- checker => \&check_numeric
+ checker => \&check_maxattachmentsize
},
# The maximum size (in bytes) for patches and non-patch attachments.
diff --git a/Bugzilla/Config/Common.pm b/Bugzilla/Config/Common.pm
index e6f0398e3..5b2cabb93 100644
--- a/Bugzilla/Config/Common.pm
+++ b/Bugzilla/Config/Common.pm
@@ -50,7 +50,8 @@ use base qw(Exporter);
check_opsys check_shadowdb check_urlbase check_webdotbase
check_netmask check_user_verify_class check_image_converter
check_mail_delivery_method check_notification check_timezone check_utf8
- check_bug_status check_smtp_auth
+ check_bug_status check_smtp_auth
+ check_maxattachmentsize
);
# Checking functions for the various values
@@ -320,6 +321,24 @@ sub check_mail_delivery_method {
return "";
}
+sub check_maxattachmentsize {
+ my $check = check_numeric(@_);
+ return $check if $check;
+ my $size = shift;
+ my $dbh = Bugzilla->dbh;
+ if ($dbh->isa('Bugzilla::DB::Mysql')) {
+ my (undef, $max_packet) = $dbh->selectrow_array(
+ q{SHOW VARIABLES LIKE 'max\_allowed\_packet'});
+ my $byte_size = $size * 1024;
+ if ($max_packet < $byte_size) {
+ return "You asked for a maxattachmentsize of $byte_size bytes,"
+ . " but the max_allowed_packet setting in MySQL currently"
+ . " only allows packets up to $max_packet bytes";
+ }
+ }
+ return "";
+}
+
sub check_notification {
my $option = shift;
my @current_version =
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 968cb29c4..d5aeabca2 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -159,7 +159,7 @@ use File::Basename;
# CONSTANTS
#
# Bugzilla version
-use constant BUGZILLA_VERSION => "3.2.2";
+use constant BUGZILLA_VERSION => "3.2.3";
# These are unique values that are unlikely to match a string or a number,
# to be used in criteria for match() functions and other things. They start
diff --git a/Bugzilla/DB/Mysql.pm b/Bugzilla/DB/Mysql.pm
index d47169919..a45461884 100644
--- a/Bugzilla/DB/Mysql.pm
+++ b/Bugzilla/DB/Mysql.pm
@@ -44,6 +44,7 @@ package Bugzilla::DB::Mysql;
use strict;
use Bugzilla::Constants;
+use Bugzilla::Install::Util qw(install_string);
use Bugzilla::Util;
use Bugzilla::Error;
use Bugzilla::DB::Schema::Mysql;
@@ -97,20 +98,9 @@ sub new {
}
}
- # The "comments" field of the bugs_fulltext table could easily exceed
- # MySQL's default max_allowed_packet. Also, MySQL should never have
- # a max_allowed_packet smaller than our max_attachment_size. However,
- # if we've already set a max_allowed_packet in MySQL bigger than all
- # of those, we should keep it.
- my (undef, $current_max_allowed) = $self->selectrow_array(
- q{SHOW VARIABLES LIKE 'max\_allowed\_packet'});
- my $min_max_allowed_packet = MAX_COMMENTS * MAX_COMMENT_LENGTH;
- my $max_allowed_packet = max($min_max_allowed_packet,
- $current_max_allowed,
- # This parameter is not yet defined when the DB
- # is being built for the very first time.
- Bugzilla->params->{'maxattachmentsize'} || 0);
- $self->do("SET SESSION max_allowed_packet = $max_allowed_packet");
+ # Allow large GROUP_CONCATs (largely for inserting comments
+ # into bugs_fulltext).
+ $self->do('SET SESSION group_concat_max_len = 128000000');
return $self;
}
@@ -244,6 +234,24 @@ sub _bz_get_initial_schema {
sub bz_setup_database {
my ($self) = @_;
+ # The "comments" field of the bugs_fulltext table could easily exceed
+ # MySQL's default max_allowed_packet. Also, MySQL should never have
+ # a max_allowed_packet smaller than our max_attachment_size. So, we
+ # warn the user here if max_allowed_packet is too small.
+ my $min_max_allowed = MAX_COMMENTS * MAX_COMMENT_LENGTH;
+ my (undef, $current_max_allowed) = $self->selectrow_array(
+ q{SHOW VARIABLES LIKE 'max\_allowed\_packet'});
+ # This parameter is not yet defined when the DB is being built for
+ # the very first time. The code below still works properly, however,
+ # because the default maxattachmentsize is smaller than $min_max_allowed.
+ my $max_attachment = (Bugzilla->params->{'maxattachmentsize'} || 0) * 1024;
+ my $needed_max_allowed = max($min_max_allowed, $max_attachment);
+ if ($current_max_allowed < $needed_max_allowed) {
+ warn install_string('max_allowed_packet',
+ { current => $current_max_allowed,
+ needed => $needed_max_allowed }) . "\n";
+ }
+
# Make sure the installation has InnoDB turned on, or we're going to be
# doing silly things like making foreign keys on MyISAM tables, which is
# hard to fix later. We do this up here because none of the code below
diff --git a/Bugzilla/Mailer.pm b/Bugzilla/Mailer.pm
index 7b673440b..645e65e4e 100644
--- a/Bugzilla/Mailer.pm
+++ b/Bugzilla/Mailer.pm
@@ -56,7 +56,20 @@ sub MessageToMTA {
my $method = Bugzilla->params->{'mail_delivery_method'};
return if $method eq 'None';
- my $email = ref($msg) ? $msg : Email::MIME->new($msg);
+ my $email;
+ if (ref $msg) {
+ $email = $msg;
+ }
+ else {
+ # RFC 2822 requires us to have CRLF for our line endings and
+ # Email::MIME doesn't do this for us. We use \015 (CR) and \012 (LF)
+ # directly because Perl translates "\n" depending on what platform
+ # you're running on. See http://perldoc.perl.org/perlport.html#Newlines
+ # We check for multiple CRs because of this Template-Toolkit bug:
+ # https://rt.cpan.org/Ticket/Display.html?id=43345
+ $msg =~ s/(?:\015+)?\012/\015\012/msg;
+ $email = new Email::MIME($msg);
+ }
# We add this header to mark the mail as "auto-generated" and
# thus to hopefully avoid auto replies.
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index a54da4af5..a8862bd5a 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -181,7 +181,13 @@ sub issue_hash_token {
# The concatenated string is of the form
# token creation time + site-wide secret + user ID + data
my @args = ($time, Bugzilla->localconfig->{'site_wide_secret'}, Bugzilla->user->id, @$data);
- my $token = md5_hex(join('*', @args));
+
+ my $token = join('*', @args);
+ # Wide characters cause md5_hex() to die.
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($token) if utf8::is_utf8($token);
+ }
+ $token = md5_hex($token);
# Prepend the token creation time, unencrypted, so that the token
# lifetime can be validated.
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 3c8d8938d..1be64ac5d 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -207,7 +207,7 @@ sub xml_quote {
# (#x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF])
$var =~ s/([\x{0001}-\x{0008}]|
[\x{000B}-\x{000C}]|
- [\x{000E}-\x{0019}]|
+ [\x{000E}-\x{001F}]|
[\x{D800}-\x{DFFF}]|
[\x{FFFE}-\x{FFFF}])//gx;
return $var;
diff --git a/attachment.cgi b/attachment.cgi
index 51ee25f36..a17261f65 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -618,6 +618,9 @@ sub update {
($vars->{'operations'}) =
Bugzilla::Bug::GetBugActivity($bug->id, $attachment->id, $cgi->param('delta_ts'));
+ # The token contains the old modification_time. We need a new one.
+ $cgi->param('token', issue_hash_token([$attachment->id, $attachment->modification_time]));
+
# If the modification date changed but there is no entry in
# the activity table, this means someone commented only.
# In this case, there is no reason to midair.
@@ -632,6 +635,12 @@ sub update {
exit;
}
}
+
+ # We couldn't do this check earlier as we first had to validate attachment ID
+ # and display the mid-air collision page if modification_time changed.
+ my $token = $cgi->param('token');
+ check_hash_token($token, [$attachment->id, $attachment->modification_time]);
+
# If the submitter of the attachment is not in the insidergroup,
# be sure that he cannot overwrite the private bit.
# This check must be done before calling Bugzilla::Flag*::validate(),
diff --git a/buglist.cgi b/buglist.cgi
index bf9bd59eb..1e3146e8c 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -1138,7 +1138,11 @@ if ($dotweak && scalar @bugs) {
}
$vars->{'dotweak'} = 1;
$vars->{'use_keywords'} = 1 if Bugzilla::Keyword::keyword_count();
+
+ # issue_session_token needs to write to the master DB.
+ Bugzilla->switch_to_main_db();
$vars->{'token'} = issue_session_token('buglist_mass_change');
+ Bugzilla->switch_to_shadow_db();
$vars->{'products'} = Bugzilla->user->get_enterable_products;
$vars->{'platforms'} = get_legal_field_values('rep_platform');
diff --git a/colchange.cgi b/colchange.cgi
index 3dbd93dca..5e84dcc2c 100755
--- a/colchange.cgi
+++ b/colchange.cgi
@@ -28,6 +28,7 @@ use lib qw(. lib);
use Bugzilla;
use Bugzilla::Constants;
+use Bugzilla::Util;
use Bugzilla::CGI;
use Bugzilla::Search::Saved;
use Bugzilla::Error;
@@ -187,7 +188,7 @@ if (defined $cgi->param('query_based_on')) {
# Only allow users to edit their own queries.
if ($search && $search->user->id == Bugzilla->user->id) {
$vars->{'saved_search'} = $search;
- $vars->{'buffer'} = "cmdtype=runnamed&namedcmd=".$search->name;
+ $vars->{'buffer'} = "cmdtype=runnamed&namedcmd=". url_quote($search->name);
my $params = new Bugzilla::CGI($search->url);
if ($params->param('columnlist')) {
diff --git a/contrib/recode.pl b/contrib/recode.pl
index 713465be7..f7ba034ac 100755
--- a/contrib/recode.pl
+++ b/contrib/recode.pl
@@ -149,16 +149,9 @@ if ($switch{'guess'}) {
my $root = ROOT_USER;
print STDERR < 2009-02-03The Bugzilla Team
This is the 3.2.2 version of The Bugzilla Guide. It is so named +> This is the 3.2.3 version of The Bugzilla Guide. It is so named to match the current version of Bugzilla.
By default, MySQL will only allow you to insert things + into the database that are smaller than 64KB. Attachments + may be larger than this. Also, Bugzilla combines all comments + on a single bug into one field for full-text searching, and the + combination of all comments on a single bug are very likely to + be larger than 64KB.
To change MySQL's default, you need to edit your MySQL + configuration file, which is usually /etc/my.cnf + on Linux. We recommend that you allow at least 4MB packets by + adding the "max_allowed_packet" parameter to your MySQL + configuration in the "[mysqld]" section, like this:
[mysqld] +# Allow packets up to 4MB +max_allowed_packet=4M + |
By default, words must be at least four characters in length @@ -2799,7 +2842,7 @@ CLASS="section" CLASS="section" >2.2.2.2.2. Add a user to MySQL2.2.2.2.3. Add a user to MySQL
You need to add a new MySQL user for Bugzilla to use. @@ -2892,8 +2935,8 @@ CLASS="section" >
By default, MySQL will limit the size of a table to 4GB. @@ -2992,7 +3035,7 @@ CLASS="section" >
At first glance, negation seems redundant. Rather than searching for
one could search forHowever, the search5.8.1. Autolinkification
5.11.2.1. Creating Charts
5.13.4. Saving Your Changes
Example A-1. Examples of urlbase/cookiepath pairs for sharing login cookies
Example A-2. Examples of urlbase/cookiepath pairs to restrict the login cookieVersion 1.1, March 2000
0-9, high ascii
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release - 3.15.4. Assigning Group Controls to Products
diff --git a/docs/en/html/api/index.html b/docs/en/html/api/index.html index 1402dbae5..f35b8c6b0 100644 --- a/docs/en/html/api/index.html +++ b/docs/en/html/api/index.html @@ -2,13 +2,13 @@ -Bugzilla 3.2.2 API Documentation +Bugzilla 3.2.3 API Documentation -Bugzilla 3.2.2 API Documentation
+Bugzilla 3.2.3 API Documentation
- Files
- diff --git a/docs/en/html/attachments.html b/docs/en/html/attachments.html index 3b82cd05d..b7ce3b60a 100644 --- a/docs/en/html/attachments.html +++ b/docs/en/html/attachments.html @@ -7,7 +7,7 @@ NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79">
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 2.2.2.2.1. Allow small words in full-text indexes2.2.2.2.1. Allow large attachments and many comments
By default, MySQL will only allow you to insert things + into the database that are smaller than 64KB. Attachments + may be larger than this. Also, Bugzilla combines all comments + on a single bug into one field for full-text searching, and the + combination of all comments on a single bug are very likely to + be larger than 64KB.
To change MySQL's default, you need to edit your MySQL + configuration file, which is usually /etc/my.cnf + on Linux. We recommend that you allow at least 4MB packets by + adding the "max_allowed_packet" parameter to your MySQL + configuration in the "[mysqld]" section, like this:
[mysqld] +# Allow packets up to 4MB +max_allowed_packet=4M +2.2.2.2.2. Allow small words in full-text indexes
By default, words must be at least four characters in length @@ -402,7 +445,7 @@ CLASS="section" CLASS="section" >2.2.2.2.2. Add a user to MySQL2.2.2.2.3. Add a user to MySQL
You need to add a new MySQL user for Bugzilla to use. @@ -495,8 +538,8 @@ CLASS="section" >
2.2.2.2.3. Permit attachments table to grow beyond 4GB2.2.2.2.4. Permit attachments table to grow beyond 4GB
By default, MySQL will limit the size of a table to 4GB. @@ -595,7 +638,7 @@ CLASS="section" >
2.2.2.3.1. Add a User to PostgreSQL
2.2.2.3.2. Configure PostgreSQL
2.2.2.4.1. Create a New Tablespace
2.2.2.4.2. Add a User to Oracle
2.2.2.4.3. Configure the Web Server
2.2.3. checksetup.pl
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 2.3.1. Bug Graphs
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release Version 1.1, March 2000
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 0-9, high ascii
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 3.15.4. Assigning Group Controls to Products
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 5.8.1. Autolinkification
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 ReleaseThe Bugzilla Team
2009-02-03
2009-03-30The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release - 2.2.3. checksetup.pl
- 2.3.1. Bug Graphs
- 2.6.1. Introduction
- 2.6.2. MySQL
- 2.6.3. Perl
- 2.6.5. HTTP Server
- 2.6.6. Bugzilla
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 1.3. New Versions This is the 3.2.2 version of The Bugzilla Guide. It is so named +> This is the 3.2.3 version of The Bugzilla Guide. It is so named to match the current version of Bugzilla.
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 2.6.1. Introduction
2.6.2. MySQL
2.6.2.1. Running MySQL as Non-Root
2.6.2.1.1. The Custom Configuration Method
2.6.2.1.2. The Custom Built Method
2.6.2.1.3. Starting the Server
2.6.3. Perl
2.6.5. HTTP Server
2.6.5.1. Running Apache as Non-Root
2.6.6. Bugzilla
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release At first glance, negation seems redundant. Rather than searching for one could search forHowever, the searchThe Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 5.11.2.1. Creating Charts
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release Example A-1. Examples of urlbase/cookiepath pairs for sharing login cookies Example A-2. Examples of urlbase/cookiepath pairs to restrict the login cookieThe Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release
- 5.8.1. Autolinkification
- 5.13.4. Saving Your Changes
The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release The Bugzilla Guide - 3.2.2 +>The Bugzilla Guide - 3.2.3 Release 5.13.4. Saving Your Changes
FLUSH PRIVILEGES; _________________________________________________________________ -2.2.2.2.3. Permit attachments table to grow beyond 4GB +2.2.2.2.4. Permit attachments table to grow beyond 4GB By default, MySQL will limit the size of a table to 4GB. This limit is present even if the underlying filesystem has no such limit. To set a higher diff --git a/docs/en/xml/Bugzilla-Guide.xml b/docs/en/xml/Bugzilla-Guide.xml index 588fb2ec4..4b77c1067 100644 --- a/docs/en/xml/Bugzilla-Guide.xml +++ b/docs/en/xml/Bugzilla-Guide.xml @@ -34,9 +34,9 @@ For a devel release, simple bump bz-ver and bz-date --> - + - + diff --git a/docs/en/xml/installation.xml b/docs/en/xml/installation.xml index 54ec6c1c6..9a3b08865 100644 --- a/docs/en/xml/installation.xml +++ b/docs/en/xml/installation.xml @@ -1,5 +1,5 @@ - +
Installing Bugzilla @@ -778,6 +778,28 @@ improving your installation's security. + ++ Allow large attachments and many comments + +By default, MySQL will only allow you to insert things + into the database that are smaller than 64KB. Attachments + may be larger than this. Also, Bugzilla combines all comments + on a single bug into one field for full-text searching, and the + combination of all comments on a single bug are very likely to + be larger than 64KB. + +To change MySQL's default, you need to edit your MySQL + configuration file, which is usually + +/etc/my.cnf + on Linux. We recommend that you allow at least 4MB packets by + adding the "max_allowed_packet" parameter to your MySQL + configuration in the "[mysqld]" section, like this:[mysqld] +# Allow packets up to 4MB +max_allowed_packet=4M + +Allow small words in full-text indexes diff --git a/email_in.pl b/email_in.pl index c7308eba3..48209331d 100755 --- a/email_in.pl +++ b/email_in.pl @@ -115,7 +115,7 @@ sub parse_mail { debug_print("Body:\n" . $body, 3); $body = remove_leading_blank_lines($body); - my @body_lines = split("\n", $body); + my @body_lines = split(/\r?\n/s, $body); # If there are fields specified. if ($body =~ /^\s*@/s) { diff --git a/enter_bug.cgi b/enter_bug.cgi index 6eed41287..7686d4c91 100755 --- a/enter_bug.cgi +++ b/enter_bug.cgi @@ -404,7 +404,7 @@ if ($cloned_bug_id) { $vars->{deadline} = $cloned_bug->deadline; if (defined $cloned_bug->cc) { - $vars->{cc} = join (" ", @{$cloned_bug->cc}); + $vars->{cc} = join (", ", @{$cloned_bug->cc}); } else { $vars->{cc} = formvalue('cc'); } diff --git a/importxml.pl b/importxml.pl index 6b0c043b4..24eff8f63 100755 --- a/importxml.pl +++ b/importxml.pl @@ -326,19 +326,17 @@ sub init() { Error( "no urlbase set", "REOPEN", $exporter ) unless ($urlbase); my $def_product = new Bugzilla::Product( { name => $params->{"moved-default-product"} } ) - || Error("Cannot import these bugs because an invalid default - product was defined for the target db." - . $params->{"maintainer"} . " needs to fix the definitions of - moved-default-product. \n", "REOPEN", $exporter); + || Error("an invalid default product was defined for the target DB. " . + $params->{"maintainer"} . " needs to fix the definitions of " . + "moved-default-product. \n", "REOPEN", $exporter); my $def_component = new Bugzilla::Component( { product => $def_product, name => $params->{"moved-default-component"} }) - || Error("Cannot import these bugs because an invalid default - component was defined for the target db." - . $params->{"maintainer"} . " needs to fix the definitions of - moved-default-component.\n", "REOPEN", $exporter); + || Error("an invalid default component was defined for the target DB. " . + $params->{"maintainer"} . " needs to fix the definitions of " . + "moved-default-component.\n", "REOPEN", $exporter); } @@ -474,6 +472,11 @@ sub process_bug { # append it to the log, which will go into the comments when we are done. foreach my $bugchild ( $bug->children() ) { Debug( "Parsing field: " . $bugchild->name, DEBUG_LEVEL ); + + # Skip the token if one is included. We don't want it included in + # the comments, and it is not used by the importer. + next if $bugchild->name eq 'token'; + if ( defined $all_fields{ $bugchild->name } ) { my @values = $bug->children_text($bugchild->name); if (scalar @values > 1) { @@ -1354,7 +1357,7 @@ importxml - Import bugzilla bug data from xml. Options: -? --help brief help message -v --verbose print error and debug information. - Mulltiple -v increases verbosity + Multiple -v increases verbosity -m --sendmail send mail to recipients with log of bugs imported --attach_path The path to the attachment files. (Required if encoding="filename" is used for attachments.) diff --git a/mod_perl.pl b/mod_perl.pl index fe78c4be9..1e5c7fc63 100644 --- a/mod_perl.pl +++ b/mod_perl.pl @@ -53,6 +53,8 @@ my $cgi_path = Bugzilla::Constants::bz_locations()->{'cgi_path'}; # Set up the configuration for the web server my $server = Apache2::ServerUtil->server; my $conf = <AddHandler perl-script .cgi # No need to PerlModule these because they're already defined in mod_perl.pl diff --git a/show_bug.cgi b/show_bug.cgi index bc9e23491..80fcfc7ee 100755 --- a/show_bug.cgi +++ b/show_bug.cgi @@ -115,7 +115,7 @@ $vars->{'bug_list'} = \@bug_list; # on the exclusion list. This is so you can say e.g. "Everything except # attachments" without listing almost all the fields. my @fieldlist = (Bugzilla::Bug->fields, 'group', 'long_desc', - 'attachment', 'attachmentdata'); + 'attachment', 'attachmentdata', 'token'); my %displayfields; if ($cgi->param("field")) { diff --git a/template/en/default/admin/components/create.html.tmpl b/template/en/default/admin/components/create.html.tmpl index 0949837fc..86411adad 100644 --- a/template/en/default/admin/components/create.html.tmpl +++ b/template/en/default/admin/components/create.html.tmpl @@ -52,6 +52,7 @@ [% INCLUDE global/userselect.html.tmpl name => "initialowner" id => "initialowner" + value => "" size => 64 %] @@ -64,6 +65,7 @@ [% INCLUDE global/userselect.html.tmpl name => "initialqacontact" id => "initialqacontact" + value => "" size => 64 emptyok => 1 %] @@ -78,6 +80,7 @@ [% INCLUDE global/userselect.html.tmpl name => "initialcc" id => "initialcc" + value => "" size => 64 multiple => 5 %] diff --git a/template/en/default/attachment/confirm-delete.html.tmpl b/template/en/default/attachment/confirm-delete.html.tmpl index 4bd69e565..14c76c309 100644 --- a/template/en/default/attachment/confirm-delete.html.tmpl +++ b/template/en/default/attachment/confirm-delete.html.tmpl @@ -21,8 +21,7 @@ [% PROCESS global/variables.none.tmpl %] [% title = BLOCK %] - Delete Attachment [% a.id FILTER html %] of - [%+ "$terms.Bug " _ a.bug_id FILTER bug_link(a.bug_id) FILTER none %] + Delete Attachment [% a.id FILTER html %] of [% terms.Bug %] [%+ a.bug_id FILTER html %] [% END %] [% PROCESS global/header.html.tmpl diff --git a/template/en/default/attachment/edit.html.tmpl b/template/en/default/attachment/edit.html.tmpl index ca0a8bc6e..1b00df999 100644 --- a/template/en/default/attachment/edit.html.tmpl +++ b/template/en/default/attachment/edit.html.tmpl @@ -171,6 +171,9 @@ + [% IF user.id %] + + [% END %] diff --git a/template/en/default/bug/create/create-guided.html.tmpl b/template/en/default/bug/create/create-guided.html.tmpl index 090d4e991..9f2a21b71 100644 --- a/template/en/default/bug/create/create-guided.html.tmpl +++ b/template/en/default/bug/create/create-guided.html.tmpl @@ -67,40 +67,6 @@ function PutDescription() { } -[%# Browser sniff to try and reduce the incidence of Netscape 6/7 bugs %] - -[% IF cgi.user_agent('Netscape(\d)') %] - [% matches = cgi.user_agent().match('Netscape(\d)') %] -
- - - You are using Netscape [% matches.0 %]. - Report [% terms.bugs %] with this browser to the - - Netscape [% matches.0 %] Feedback Center. - - - This form is only for reporting [% terms.bugs %] in the Mozilla web browser - and other products from mozilla.org. To report [% terms.abug %] you find - in Netscape [% matches.0 %] with this form, you must reproduce it first in - a recent build of - Mozilla, - Firefox, -Thunderbird or - Camino - to make sure the problem hasn't been fixed already. --[% END %] - -[% IF cgi.user_agent('Gecko/') %] - [% matches = cgi.user_agent().match('Gecko/(\d+)') %] - -[% END %] - - -Step 1 of 3 - has your [% terms.bug %] already been reported?
@@ -121,13 +87,13 @@ function PutDescription() { [% END %]- All-time Top 100 (loaded initially) | - Hot in the last two weeks + All-time Top 100 (loaded initially) | + Hot in the last two weeks
@@ -260,9 +226,8 @@ function PutDescription() { - [% op_sys = [ "Windows 98", "Windows NT", "Windows 2000", "Windows XP", - "Mac System 9.x", "MacOS X", - "Linux", "All", "other" ] %] + [% op_sys = [ "Windows 2000", "Windows XP", "Windows Vista", "Windows 7", + "Mac OS X", "Linux", "All", "Other" ] %]
diff --git a/template/en/default/bug/edit.html.tmpl b/template/en/default/bug/edit.html.tmpl index 16b26fbfc..428979de2 100644 --- a/template/en/default/bug/edit.html.tmpl +++ b/template/en/default/bug/edit.html.tmpl @@ -898,6 +898,7 @@ [% INCLUDE global/userselect.html.tmpl id => "newcc" name => "newcc" + value => "" size => 30 multiple => 5 %] diff --git a/template/en/default/bug/show.xml.tmpl b/template/en/default/bug/show.xml.tmpl index 23874d989..c59b2bed0 100644 --- a/template/en/default/bug/show.xml.tmpl +++ b/template/en/default/bug/show.xml.tmpl @@ -44,6 +44,11 @@ [% END %] [% END %] + [%# This is here so automated clients can still use process_bug.cgi %] + [% IF displayfields.token && user.id %] + [% issue_hash_token([bug.id, bug.delta_ts]) FILTER xml %] + [% END %] + [%# Now handle 'special' fields #%] [% IF displayfields.group %] [% FOREACH g = bug.groups %] @@ -94,9 +99,13 @@[% a.contenttype FILTER xml %] [% a.datasize FILTER xml %] [% a.attacher.email FILTER xml %] - [% IF displayfields.attachmentdata %] - [% a.data FILTER base64 %] - [% END %] + [%# This is here so automated clients can still use attachment.cgi %] + [% IF displayfields.token && user.id %] +[% issue_hash_token([a.id, a.modification_time]) FILTER xml %] + [% END %] + [% IF displayfields.attachmentdata %] + [% a.data FILTER base64 %] + [% END %] [% FOREACH flag = a.flags %][ - 'matches.0', 'tablecolour', 'sel', 'productstring', diff --git a/template/en/default/flag/list.html.tmpl b/template/en/default/flag/list.html.tmpl index 9d76b267e..cb4b19875 100644 --- a/template/en/default/flag/list.html.tmpl +++ b/template/en/default/flag/list.html.tmpl @@ -229,6 +229,7 @@ usemenuforusers => 1 custom_userlist => flag_custom_list allow_other_user => flag_list_allow_other + value => "" %] [% END %] @@ -279,6 +280,7 @@ usemenuforusers => 1 custom_userlist => flag_custom_list allow_other_user => flag_list_allow_other + value => "" %] [% END %] diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index 186e56085..3280ce616 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -19,7 +19,7 @@ [% PROCESS global/variables.none.tmpl %] [% INCLUDE global/header.html.tmpl - title = "$terms.Bugzilla 3.2.1 Release Notes" + title = "$terms.Bugzilla 3.2.3 Release Notes" style_urls = ['skins/standard/release-notes.css'] %] @@ -60,6 +60,35 @@ Change Log Page. + 3.2.3
+ ++
+ +- [% terms.Bugzilla %] is now compatible with MySQL 5.1.x versions 5.1.31 + and greater. + ([% terms.Bug %] 480001)
+- On Windows, [% terms.Bugzilla %] sometimes would send mangled emails + (that would often fail to send). + ([% terms.Bug %] 467920)
+- +
recode.pl
would sometimes crash when trying to convert + databases from older versions of [% terms.Bugzilla %]. + ([% terms.Bug %] 431201)- Running a saved search with Unicode characters in its name would + cause [% terms.Bugzilla %] to crash. + ([% terms.Bug %] 477513)
+- [% terms.Bugzilla %] clients like Mylyn can now update [% terms.bugs %] + again (the [% terms.bug %] XML format now contains a "token" element that + can be used when updating a bug). + ([% terms.Bug %] 476678)
+- For installations using the
+shadowdb
parameter, + [% terms.Bugzilla %] was accidentally writing to the "tokens" table + in the shadow database (instead of the master database) when using the + "Change Several [% terms.Bugs %] at Once" page. + ([% terms.Bug %] 476943)This release also contains a security fix. See the + Security Fixes Section for details.
+3.2.2
This release fixes one security issue that is critical for installations @@ -103,6 +132,12 @@
Security Fixes In This 3.2.x Release
+3.2.3
+ +This release fixes one security issue related to attachments. See the + Security Advisory + for details.
+3.2.2
This release fixes one security issue that is critical for installations @@ -720,7 +755,7 @@
- For users of Firefox 2, the
show_bug.cgi
user interface - should no longer "collapse" after you modify a [% terms.bug %]. + should no longer "collapse" after you modify [% terms.abug %]. ([% terms.Bug %] 370739)- If you can bless a group, and you share a saved search with that group, it will no longer automatically appear in all of that group's @@ -740,7 +775,7 @@ There should now be no remaining signficant problems with running [%+ terms.Bugzilla %] under mod_perl. ([% terms.Bug %] 370398)
-- If moving a [% terms.bug %] between products would remove groups +
- If moving [% terms.abug %] between products would remove groups from the [% terms.bug %], you are now warned. ([% terms.Bug %] 303183)
- On IIS, whenever [% terms.Bugzilla %] threw a warning, it would @@ -1162,7 +1197,7 @@ is a comma-separated list of [% terms.Bugzilla %] users who will get all [% terms.bug %] notifications generated by [% terms.Bugzilla %]. -
Group controls still apply, though, so users who can't see a [% terms.bug %] +
Group controls still apply, though, so users who can't see [% terms.abug %] still won't get notifications about that [% terms.bug %].
Improved UTF-8 Support
@@ -1219,7 +1254,7 @@ in your user preferences.- You can hide obsolete attachments on [% terms.abug %] by clicking "Hide Obsolete" at the bottom of the attachment table.
-- If a [% terms.bug %] has flags set, and you move it to a different +
- If [% terms.abug %] has flags set, and you move it to a different product that has flags with the same name, the flags will be preserved.
- You now can't request a flag to be set by somebody who can't set it @@ -1254,7 +1289,7 @@
- When viewing [% terms.bug %] activity, fields that hold [% terms.bug %] numbers (such as "Blocks") will have the [% terms.bug %] numbers displayed as links to those [% terms.bugs %].
-- When viewing the "Keywords" field in a [% terms.bug %] list, +
- When viewing the "Keywords" field in [% terms.abug %] list, it will be sorted alphabetically, so you can sanely sort a list on that field.
- In most places, the Version field is now sorted using a version-sort @@ -1574,7 +1609,7 @@ sub y { $var++ } Bugzilla::Mailer
- The CheckCanChangeField() subroutine in process_bug.cgi has been moved to Bugzilla::Bug, - and is now a method of a [% terms.bug %] object.
+ and is now a method of [% terms.abug %] object.- The code that used to be in the global/banner.html.tmpl template is now in global/header.html.tmpl. The banner still exists, but the file is empty.
diff --git a/template/en/default/setup/strings.txt.pl b/template/en/default/setup/strings.txt.pl index 51e1ac059..f1b500892 100644 --- a/template/en/default/setup/strings.txt.pl +++ b/template/en/default/setup/strings.txt.pl @@ -52,6 +52,12 @@ then the value of the ##column## column that needs to be fixed: EOT install_module => 'Installing ##module## version ##version##...', + max_allowed_packet => <"found v##ver##", module_not_found => "not found", module_ok => 'ok',