Fix for bug 95731: "INSERT INTO shadowlog" failed because "Table 'shadowlog' not locked", fixed typo in lock tables command.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

Fix for bug 95743: the role-accessible checkboxes were getting cleared if a user with group access had to log in to make changes to a public bug.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 95731: "INSERT INTO shadowlog" failed because "Table 'shadowlog' not locked", fixed typo in lock tables command.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

Fix for bug 95535: the token generator for password resets is allowing the & character to be used for tokens, but wasn't escaping them for the URL it emailed to users to use to get in to reset their password.
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org

Fix for bug 87779: thanks to the new password reset code, there was no clear way to create a new Bugzilla account from the login screen.  There is now a link to createaccount.cgi from the login screen, and the text around the password reset button has been edited so it doesn't sound like you can get a new account by using it (because you can't)
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org

Patch by Gervase Markham <gerv@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 92593: Changing a bugs product will no longer remove the votes from that bug unless the number of votes for a given user is beyond what is allowed per-bug on the new product.  Only the per-bug vote count is checked.  If the user is beyond the per-product vote limit for the new product, it is left alone, on the theory that it's better to preserve the votes on the bug.  The user will be forced to reduce their votes to fit the product limit the next time they try to vote on something.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

r= justdave@syndicomm.com

Fix for bug 26194: There are now substitution parameters available for use in newchangedmail which will include the reason(s)
that the person is receiving the mail in either an email header, the body of the message, or both.  The default newchangedmail
parameter includes these in it.  If you have an existing installation you will need to either hit "reset" next to the
newchangedmail parameter, or add the substitution parameters where you like them according to the instructions given in
editparams.cgi viewed from the web.
Patch by Matthew Tuck <matty@chariot.net.au> and Zach Lipton <zach@zachlipton.com>
r= justdave@syndicomm.com

Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Patch by Gervase Markham <gervase.markham@univ.ox.ac.au>
r= justdave@syndicomm.com

More bug 26194: move the reason to the top of the email so that it doesn't look like part of the comment. a=dave

Patch by MattyT <matty@chariot.net.au>, r=zach@zachlipton.com.

Patch by Matthew Tuck <matty@chariot.net.au>

Fix for bug 94618: remove restrictions on valid characters in passwords.  If crypt() takes it, why shouldn't we?
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

fix for bug 66235: process_bug.cgi: multiple product change misses the groupset bit. Patch by Myk <myk@mozilla.org> r=Jake, oh, and it's my first checkin, yahoo!

dbschema.jpg file is changing, though.

in the latest restructuring of the Bugzilla Guide.

be used for 2.14 documentation due to inconsistencies.

Re-fix for bug 55161 - if data is partial in activity table, prepend a ? to indicate that we don't know for sure what got dropped.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

fix for bug 91903: insecure dependency in require in importxml.pl under taint mode only in Perl 5.005.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

re-fix bug 76154: permissions weren't being set correctly on the .htaccess files when checksetup.pl was run again.  Also adding .htaccess to .cvsignore so it won't show up as ? in cvs diffs and updates.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net

Remove the code for rejecting the version of MySQL with broken encryption (as bugzilla no longer uses MySQL's encrypt routine).  Also, point to mysql.com for downloading newer versions.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Fix for bug 76154: Bugzilla can now optionally provide .htaccess files for Apache to help restrict viewing of private data
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net

Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups.  Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com

Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups.  Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com

Fix for bugs 55161 and 12819.  The activity log now stores only what's changed in multi-value fields.
r= justdave@syndicomm.com

Re-fix for bug 77699: the undefined error affected other browsers than just IE5, so work around it for all browsers.
Patch by Stephen Lee <slee@uk.bnsmc.com>
r= afranke@ags.uni-sb.de

Patch by Myk Melez <myk@mozilla.org>

Fixing minor problem caused by the original bug 77473 checkin where an SQL error was being produced if you tried to log in
with an invalid username.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database.  Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function.  The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5).  Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column.  As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead.  The user is emailed a temporary identifying token, with a link back to Bugzilla.  They click on the link or paste it into their browser and Bugzilla allows them to change their password.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com, jake@acutex.net

Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk>
r= justdave@syndicomm.com