diff options
| -rw-r--r-- | Bugzilla/Constants.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Template.pm | 25 | ||||
| -rw-r--r-- | docs/en/xml/Bugzilla-Guide.xml | 4 | ||||
| -rw-r--r-- | template/en/default/pages/release-notes.html.tmpl | 7 |
4 files changed, 21 insertions, 17 deletions
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm index b8d1a2260..c2fd52a46 100644 --- a/Bugzilla/Constants.pm +++ b/Bugzilla/Constants.pm @@ -212,7 +212,7 @@ use Memoize; # CONSTANTS # # Bugzilla version -use constant BUGZILLA_VERSION => "4.2.8+"; +use constant BUGZILLA_VERSION => "4.2.9+"; # Location of the remote and local XML files to track new releases. use constant REMOTE_FILE => 'http://updates.bugzilla.org/bugzilla-update.xml'; diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index b1bea78e5..d2d6a7dd1 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -162,13 +162,11 @@ sub quoteUrls { # (http://foo/bug#3 for example). Filtering that out filters valid # bug refs out, so we have to do replacements. # mailto can't contain space or #, so we don't have to bother for that - # Do this by escaping \0 to \1\0, and replacing matches with \0\0$count\0\0 - # \0 is used because it's unlikely to occur in the text, so the cost of - # doing this should be very small - - # escape the 2nd escape char we're using - my $chr1 = chr(1); - $text =~ s/\0/$chr1\0/g; + # Do this by replacing matches with \x{FDD2}$count\x{FDD3} + # \x{FDDx} is used because it's unlikely to occur in the text + # and are reserved unicode characters. We disable warnings for now + # until we require Perl 5.13.9 or newer. + no warnings 'utf8'; # If the comment is already wrapped, we should ignore newlines when # looking for matching regexps. Else we should take them into account. @@ -199,11 +197,11 @@ sub quoteUrls { $1, $2, $3, $4, $5, $6, $7, $8, $9, $10]})) - && ("\0\0" . ($count-1) . "\0\0")/egx; + && ("\x{FDD2}" . ($count-1) . "\x{FDD3}")/egx; } else { $text =~ s/$match/($things[$count++] = $replace) - && ("\0\0" . ($count-1) . "\0\0")/egx; + && ("\x{FDD2}" . ($count-1) . "\x{FDD3}")/egx; } } @@ -213,7 +211,7 @@ sub quoteUrls { Bugzilla->params->{'sslbase'})) . ')'; $text =~ s~\b(${urlbase_re}\Qshow_bug.cgi?id=\E([0-9]+)(\#c([0-9]+))?)\b ~($things[$count++] = get_bug_link($3, $1, { comment_num => $5, user => $user })) && - ("\0\0" . ($count-1) . "\0\0") + ("\x{FDD2}" . ($count-1) . "\x{FDD3}") ~egox; # non-mailto protocols @@ -221,7 +219,7 @@ sub quoteUrls { $text =~ s~\b($safe_protocols) ~($tmp = html_quote($1)) && ($things[$count++] = "<a href=\"$tmp\">$tmp</a>") && - ("\0\0" . ($count-1) . "\0\0") + ("\x{FDD2}" . ($count-1) . "\x{FDD3}") ~egox; # We have to quote now, otherwise the html itself is escaped @@ -243,7 +241,7 @@ sub quoteUrls { # BMO: don't make diff view the default for patches (Bug 652332) $text =~ s~\b(attachment$s*\#?$s*(\d+)(?:$s+\[diff\])?(?:\s+\[details\])?) ~($things[$count++] = get_attachment_link($2, $1, $user)) && - ("\0\0" . ($count-1) . "\0\0") + ("\x{FDD2}" . ($count-1) . "\x{FDD3}") ~egmxi; # Current bug ID this comment belongs to @@ -273,9 +271,8 @@ sub quoteUrls { # Now remove the encoding hacks in reverse order for (my $i = $#things; $i >= 0; $i--) { - $text =~ s/\0\0($i)\0\0/$things[$i]/eg; + $text =~ s/\x{FDD2}($i)\x{FDD3}/$things[$i]/eg; } - $text =~ s/$chr1\0/\0/g; return $text; } diff --git a/docs/en/xml/Bugzilla-Guide.xml b/docs/en/xml/Bugzilla-Guide.xml index a12a0239b..77f48da2e 100644 --- a/docs/en/xml/Bugzilla-Guide.xml +++ b/docs/en/xml/Bugzilla-Guide.xml @@ -32,9 +32,9 @@ For a devel release, simple bump bz-ver and bz-date --> -<!ENTITY bz-ver "4.2.8+"> +<!ENTITY bz-ver "4.2.9+"> <!ENTITY bz-nextver "4.4"> -<!ENTITY bz-date "2014-04-17"> +<!ENTITY bz-date "2014-04-18"> <!ENTITY current-year "2014"> <!ENTITY landfillbase "http://landfill.bugzilla.org/bugzilla-4.2-branch/"> diff --git a/template/en/default/pages/release-notes.html.tmpl b/template/en/default/pages/release-notes.html.tmpl index c91dd77a7..f06c7450e 100644 --- a/template/en/default/pages/release-notes.html.tmpl +++ b/template/en/default/pages/release-notes.html.tmpl @@ -53,6 +53,13 @@ <h2 id="v42_point">Updates in this 4.2.x Release</h2> +<h3>4.2.9</h3> + +<p>This release fixes one regression introduced in [% terms.Bugzilla %] 4.2.8 by + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=968576">security [% terms.bug %] 968576</a>: + URLs in [% terms.bug %] comments are displayed correctly again. + (<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=998323">[% terms.Bug %] 998323</a>)</p> + <h3>4.2.8</h3> <p>This release fixes one minor security issue. See the |