Patch by Christopher Aillon <christopher@aillon.com>
r= jake@acutex.net

Patch by Christopher Aillon <christopher@aillon.com>
r= jake@acutex.net

Patch by Matthew Tuck <matty@chariot.net.au>
r= jake@acutex.net

Fix for bug 95235: variables with untrusted content were being echoed back to the user in error messages.  Those variables are now run through html_quote() first.
Patch by Gavin Shelley <gavins@iplbath.com>
r= justdave@syndicomm.com

note, caution, and tip entries.

known outstanding doc bug! Yay release.
Still many things to fix. Aren't there always?

Fix for bug 96085: don't allow unauthorized users to access restricted bugs that do not have a QA contact.
Patch by Myk Melez <myk@mozilla.org>
r=Jake <jake@acutex.net>

Fix for bug 95890: Correctly convert/record keyword changes in the bugs_activity table for keywords containing a plus sign or other
regular expression meta-characters.  Myk's first ever Bugzilla checkin!
Patch by Dave Miller <justdave@syndicomm.com> and Myk Melez <myk@mozilla.org>.
r=myk@mozilla.org,justdave@syndicomm.com

Refixing bug 95875 - The code that breakes the typed in CC list into individual lists is now slightly more robust and allows perl to handle the splitting more efficiently (by using a space as the delimiter).
r= myk@mozilla.org

Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 95747 - CC List validation (for additions) wasn't happening until after the bug's changes were in the process of being commited.  This caused problems if a typo was made in the e-mail address.
r= myk@mozilla.org

Fix for bug 95731: "INSERT INTO shadowlog" failed because "Table 'shadowlog' not locked", fixed typo in lock tables command.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

Fix for bug 95743: the role-accessible checkboxes were getting cleared if a user with group access had to log in to make changes to a public bug.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 95731: "INSERT INTO shadowlog" failed because "Table 'shadowlog' not locked", fixed typo in lock tables command.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

Fix for bug 95535: the token generator for password resets is allowing the & character to be used for tokens, but wasn't escaping them for the URL it emailed to users to use to get in to reset their password.
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org

Fix for bug 87779: thanks to the new password reset code, there was no clear way to create a new Bugzilla account from the login screen.  There is now a link to createaccount.cgi from the login screen, and the text around the password reset button has been edited so it doesn't sound like you can get a new account by using it (because you can't)
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org

Patch by Gervase Markham <gerv@mozilla.org>
r= justdave@syndicomm.com

Fix for bug 92593: Changing a bugs product will no longer remove the votes from that bug unless the number of votes for a given user is beyond what is allowed per-bug on the new product.  Only the per-bug vote count is checked.  If the user is beyond the per-product vote limit for the new product, it is left alone, on the theory that it's better to preserve the votes on the bug.  The user will be forced to reduce their votes to fit the product limit the next time they try to vote on something.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

r= justdave@syndicomm.com

Fix for bug 26194: There are now substitution parameters available for use in newchangedmail which will include the reason(s)
that the person is receiving the mail in either an email header, the body of the message, or both.  The default newchangedmail
parameter includes these in it.  If you have an existing installation you will need to either hit "reset" next to the
newchangedmail parameter, or add the substitution parameters where you like them according to the instructions given in
editparams.cgi viewed from the web.
Patch by Matthew Tuck <matty@chariot.net.au> and Zach Lipton <zach@zachlipton.com>
r= justdave@syndicomm.com

Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

Patch by Gervase Markham <gervase.markham@univ.ox.ac.au>
r= justdave@syndicomm.com

More bug 26194: move the reason to the top of the email so that it doesn't look like part of the comment. a=dave

Patch by MattyT <matty@chariot.net.au>, r=zach@zachlipton.com.

Patch by Matthew Tuck <matty@chariot.net.au>

Fix for bug 94618: remove restrictions on valid characters in passwords.  If crypt() takes it, why shouldn't we?
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com

fix for bug 66235: process_bug.cgi: multiple product change misses the groupset bit. Patch by Myk <myk@mozilla.org> r=Jake, oh, and it's my first checkin, yahoo!

dbschema.jpg file is changing, though.

in the latest restructuring of the Bugzilla Guide.

be used for 2.14 documentation due to inconsistencies.

Re-fix for bug 55161 - if data is partial in activity table, prepend a ? to indicate that we don't know for sure what got dropped.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net

fix for bug 91903: insecure dependency in require in importxml.pl under taint mode only in Perl 5.005.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com

re-fix bug 76154: permissions weren't being set correctly on the .htaccess files when checksetup.pl was run again.  Also adding .htaccess to .cvsignore so it won't show up as ? in cvs diffs and updates.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net