diff --git a/Bug.pm b/Bug.pm
index 76ea56156970553ae36bb3e218d963158cdb5e1e..6c230ad5d3feafcc21ac8daf88988c1f191aee36 100755
--- a/Bug.pm
+++ b/Bug.pm
@@ -33,6 +33,9 @@ package Bug;
 use CGI::Carp qw(fatalsToBrowser);
 my %ok_field;
 
+@::legal_keywords = @::legal_keywords; # kill "used only once" warning
+$::unconfirmedstate = $::unconfirmedstate;
+
 for my $key (qw (bug_id product version rep_platform op_sys bug_status 
                 resolution priority bug_severity component assigned_to
                 reporter bug_file_loc short_desc target_milestone 
diff --git a/CGI.pl b/CGI.pl
index 2cf6ffeca8a846198d9f7578a8db07a6dfd97fe1..a4c94a868b2fc2c5c46232b813ee7e57b338d19b 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -864,6 +864,21 @@ sub confirm_login {
          exit;
        }
 
+       # if no password was provided, then fail the authentication
+       # while it may be valid to not have an LDAP password, when you
+       # bind without a password (regardless of the binddn value), you
+       # will get an anonymous bind.  I do not know of a way to determine
+       # whether a bind is anonymous or not without making changes to the
+       # LDAP access control settings
+       if ( ! $::FORM{"LDAP_password"} ) {
+         print "Content-type: text/html\n\n";
+         PutHeader("Login Failed");
+         print "You did not provide a password.\n";
+         print "Please click <b>Back</b> and try again.\n";
+         PutFooter();
+         exit;
+       }
+
        # We've got our anonymous bind;  let's look up this user.
        my $dnEntry = $LDAPconn->search(Param("LDAPBaseDN"),"subtree","uid=".$::FORM{"LDAP_login"});
        if(!$dnEntry) {
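Review bot: The new guard `if ( ! $::FORM{"LDAP_password"} )` tests truthiness, so a password that is the literal string `0` is rejected along with the empty and missing cases; `if (!defined $::FORM{"LDAP_password"} || $::FORM{"LDAP_password"} eq "")` rejects only the input that would turn the bind into an anonymous one. Separately, the context line just below the new block builds the search filter as `"uid=".$::FORM{"LDAP_login"}` with no escaping of LDAP filter metacharacters; that line is unchanged here, but it handles the same untrusted form input and deserves the same scrutiny. confirm_login starts and ends outside this hunk, so the later bind that actually uses the password is not visible.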
diff --git a/CVS/Entries b/CVS/Entries
index af9f3d3ddddb648ca7a510d878a7143632f90b5b..31642fd230d293acfc337c906f164f5fa1cff5e3 100644
--- a/CVS/Entries
+++ b/CVS/Entries
@@ -1,76 +1,78 @@
-/.cvsignore/1.4/Wed Jul 25 07:26:42 2001//TBUGZILLA-2_14
-/1x1.gif/1.1/Wed Aug 26 06:14:15 1998/-kb/TBUGZILLA-2_14
-/Bug.pm/1.6/Mon Feb 26 23:46:01 2001//TBUGZILLA-2_14
-/CGI.pl/1.100/Sun Aug 26 18:51:45 2001//TBUGZILLA-2_14
-/README/1.50/Sat Aug 11 19:56:40 2001//TBUGZILLA-2_14
-/RelationSet.pm/1.5/Fri Jun  1 02:14:23 2001//TBUGZILLA-2_14
-/Token.pm/1.3/Fri Aug 17 08:38:54 2001//TBUGZILLA-2_14
-/UPGRADING/1.1/Fri Aug 10 22:35:21 2001//TBUGZILLA-2_14
-/UPGRADING-pre-2.8/1.1/Fri Aug 10 22:35:22 2001//TBUGZILLA-2_14
-/ant.jpg/1.2/Wed Aug 26 22:36:05 1998/-kb/TBUGZILLA-2_14
-/booleanchart.html/1.3/Wed Aug 16 23:07:37 2000//TBUGZILLA-2_14
-/bug_form.pl/1.70/Fri Aug 17 11:15:04 2001//TBUGZILLA-2_14
-/bug_status.html/1.11/Mon Aug 28 17:48:56 2000//TBUGZILLA-2_14
-/buglist.cgi/1.139/Fri Aug 24 17:32:24 2001//TBUGZILLA-2_14
-/bugwritinghelp.html/1.1/Tue Mar  7 17:59:38 2000//TBUGZILLA-2_14
-/bugzilla.dtd/1.2/Fri May 26 06:34:45 2000//TBUGZILLA-2_14
-/changepassword.cgi/1.19/Tue Jan 25 07:53:29 2000//TBUGZILLA-2_14
-/checksetup.pl/1.99/Sun Aug 19 18:26:21 2001//TBUGZILLA-2_14
-/colchange.cgi/1.17/Fri Jun  1 02:07:28 2001//TBUGZILLA-2_14
-/collectstats.pl/1.20/Wed Jun  6 21:17:40 2001//TBUGZILLA-2_14
-/confirmhelp.html/1.2/Mon Aug 28 17:48:58 2000//TBUGZILLA-2_14
-/createaccount.cgi/1.11/Wed Jul 11 05:29:18 2001//TBUGZILLA-2_14
-/createattachment.cgi/1.13/Tue Apr  3 20:42:58 2001//TBUGZILLA-2_14
-/defparams.pl/1.56/Sat Aug 25 00:12:12 2001//TBUGZILLA-2_14
-/describecomponents.cgi/1.6/Wed Jun  6 04:32:45 2001//TBUGZILLA-2_14
-/describekeywords.cgi/1.4/Sat Jan 22 16:51:49 2000//TBUGZILLA-2_14
-/doeditparams.cgi/1.15/Mon Aug 13 19:11:33 2001//TBUGZILLA-2_14
-/doeditvotes.cgi/1.12/Tue Aug 28 17:55:14 2001//TBUGZILLA-2_14
-/duplicates.cgi/1.13/Tue Aug 21 00:36:54 2001//TBUGZILLA-2_14
-/editcomponents.cgi/1.17/Sat Jun 16 14:51:15 2001//TBUGZILLA-2_14
-/editgroups.cgi/1.12/Wed Jun  6 03:16:49 2001//TBUGZILLA-2_14
-/editkeywords.cgi/1.7/Mon Feb 26 23:25:22 2001//TBUGZILLA-2_14
-/editmilestones.cgi/1.5/Sat Jun 16 14:51:16 2001//TBUGZILLA-2_14
-/editparams.cgi/1.12/Mon Aug 13 19:11:33 2001//TBUGZILLA-2_14
-/editproducts.cgi/1.18/Sat Jun 16 14:51:16 2001//TBUGZILLA-2_14
-/editusers.cgi/1.23/Wed Jul 11 05:29:19 2001//TBUGZILLA-2_14
-/editversions.cgi/1.8/Tue Jun 19 01:37:02 2001//TBUGZILLA-2_14
-/enter_bug.cgi/1.50/Sun Jul  1 02:00:56 2001//TBUGZILLA-2_14
-/globals.pl/1.110/Wed Aug 29 19:52:13 2001//TBUGZILLA-2_14
-/help.html/1.4/Fri Jan 21 22:01:11 2000//TBUGZILLA-2_14
-/helpemailquery.html/1.1/Tue Jan 19 00:07:45 1999//TBUGZILLA-2_14
-/how_to_mail.html/1.2/Mon Nov  1 23:33:16 1999//TBUGZILLA-2_14
-/importxml.pl/1.18/Wed Jul 25 20:12:00 2001//TBUGZILLA-2_14
-/index.html/1.12/Wed Feb 28 23:07:24 2001//TBUGZILLA-2_14
-/localconfig.js/1.1/Wed Feb 28 23:07:25 2001//TBUGZILLA-2_14
-/long_list.cgi/1.15/Mon Aug  7 22:59:55 2000//TBUGZILLA-2_14
-/move.pl/1.6/Fri Jul 20 15:18:30 2001//TBUGZILLA-2_14
-/new_comment.cgi/1.5/Thu Jul 27 20:10:16 2000//TBUGZILLA-2_14
-/notargetmilestone.html/1.2/Mon Aug 28 17:48:59 2000//TBUGZILLA-2_14
-/post_bug.cgi/1.34/Wed Jun 27 02:31:55 2001//TBUGZILLA-2_14
-/process_bug.cgi/1.96/Sun Aug 26 22:58:34 2001//TBUGZILLA-2_14
-/processmail/1.68/Mon Aug 13 17:06:38 2001//TBUGZILLA-2_14
-/query.cgi/1.85/Mon Aug 13 19:11:35 2001//TBUGZILLA-2_14
-/queryhelp.cgi/1.4/Mon Apr 23 22:16:12 2001//TBUGZILLA-2_14
-/quicksearch.html/1.1/Wed Feb 28 23:07:26 2001//TBUGZILLA-2_14
-/quicksearch.js/1.7/Fri Jul 20 08:25:30 2001//TBUGZILLA-2_14
-/quicksearchhack.html/1.2/Wed Feb 28 23:08:52 2001//TBUGZILLA-2_14
-/quips.cgi/1.1/Tue May 29 04:01:48 2001//TBUGZILLA-2_14
-/relogin.cgi/1.10/Tue Jan 18 14:41:00 2000//TBUGZILLA-2_14
-/reports.cgi/1.47/Sun Jul  1 19:09:29 2001//TBUGZILLA-2_14
-/robots.txt/1.1/Fri Jul 28 21:28:39 2000//TBUGZILLA-2_14
-/sanitycheck.cgi/1.33/Wed Jul 11 05:29:20 2001//TBUGZILLA-2_14
-/show_activity.cgi/1.6/Fri Jun  1 13:38:01 2001//TBUGZILLA-2_14
-/show_bug.cgi/1.15/Sat Jun  2 22:02:02 2001//TBUGZILLA-2_14
-/showattachment.cgi/1.7/Wed Jun  6 18:36:25 2001//TBUGZILLA-2_14
-/showdependencygraph.cgi/1.10/Thu May 31 15:52:24 2001//TBUGZILLA-2_14
-/showdependencytree.cgi/1.8/Thu May 31 15:52:24 2001//TBUGZILLA-2_14
-/showvotes.cgi/1.9/Thu May 31 15:52:25 2001//TBUGZILLA-2_14
-/syncshadowdb/1.12/Sun Jun 10 17:38:15 2001//TBUGZILLA-2_14
-/token.cgi/1.2/Fri Aug 17 12:42:34 2001//TBUGZILLA-2_14
-/userprefs.cgi/1.20/Wed Jul 11 05:29:21 2001//TBUGZILLA-2_14
-/votehelp.html/1.5/Thu Jan 25 04:56:14 2001//TBUGZILLA-2_14
-/whineatnews.pl/1.4/Mon Nov  1 23:33:22 1999//TBUGZILLA-2_14
-/xml.cgi/1.2/Mon Jun 12 06:52:41 2000//TBUGZILLA-2_14
+/.cvsignore/1.4/Wed Jul 25 07:26:42 2001//TBUGZILLA-2_14_1
+/1x1.gif/1.1/Wed Aug 26 06:14:15 1998/-kb/TBUGZILLA-2_14_1
+/Bug.pm/1.6.6.1/Sat Nov 17 07:41:52 2001//TBUGZILLA-2_14_1
+/CGI.pl/1.100.2.1/Sun Dec  9 16:02:46 2001//TBUGZILLA-2_14_1
+/README/1.50/Sat Aug 11 19:56:40 2001//TBUGZILLA-2_14_1
+/RelationSet.pm/1.5/Fri Jun  1 02:14:23 2001//TBUGZILLA-2_14_1
+/Token.pm/1.3/Fri Aug 17 08:38:54 2001//TBUGZILLA-2_14_1
+/UPGRADING/1.1/Fri Aug 10 22:35:21 2001//TBUGZILLA-2_14_1
+/UPGRADING-pre-2.8/1.1/Fri Aug 10 22:35:22 2001//TBUGZILLA-2_14_1
+/ant.jpg/1.2/Wed Aug 26 22:36:05 1998/-kb/TBUGZILLA-2_14_1
+/booleanchart.html/1.3/Wed Aug 16 23:07:37 2000//TBUGZILLA-2_14_1
+/bug_form.pl/1.70.2.2/Sun Dec  9 20:23:31 2001//TBUGZILLA-2_14_1
+/bug_status.html/1.11/Mon Aug 28 17:48:56 2000//TBUGZILLA-2_14_1
+/buglist.cgi/1.139.2.2/Sun Dec 30 05:41:44 2001//TBUGZILLA-2_14_1
+/bugwritinghelp.html/1.1/Tue Mar  7 17:59:38 2000//TBUGZILLA-2_14_1
+/bugzilla.dtd/1.2/Fri May 26 06:34:45 2000//TBUGZILLA-2_14_1
+/changepassword.cgi/1.19/Tue Jan 25 07:53:29 2000//TBUGZILLA-2_14_1
+/checksetup.pl/1.99/Sun Aug 19 18:26:21 2001//TBUGZILLA-2_14_1
+/colchange.cgi/1.17/Fri Jun  1 02:07:28 2001//TBUGZILLA-2_14_1
+/collectstats.pl/1.20/Wed Jun  6 21:17:40 2001//TBUGZILLA-2_14_1
+/confirmhelp.html/1.2/Mon Aug 28 17:48:58 2000//TBUGZILLA-2_14_1
+/createaccount.cgi/1.11/Wed Jul 11 05:29:18 2001//TBUGZILLA-2_14_1
+/createattachment.cgi/1.13/Tue Apr  3 20:42:58 2001//TBUGZILLA-2_14_1
+/defparams.pl/1.56/Sat Aug 25 00:12:12 2001//TBUGZILLA-2_14_1
+/describecomponents.cgi/1.6/Wed Jun  6 04:32:45 2001//TBUGZILLA-2_14_1
+/describekeywords.cgi/1.4/Sat Jan 22 16:51:49 2000//TBUGZILLA-2_14_1
+/doeditparams.cgi/1.15/Mon Aug 13 19:11:33 2001//TBUGZILLA-2_14_1
+/doeditvotes.cgi/1.12.2.1/Mon Nov 26 04:53:28 2001//TBUGZILLA-2_14_1
+/duplicates.cgi/1.13/Tue Aug 21 00:36:54 2001//TBUGZILLA-2_14_1
+/editcomponents.cgi/1.17/Sat Jun 16 14:51:15 2001//TBUGZILLA-2_14_1
+/editgroups.cgi/1.12/Wed Jun  6 03:16:49 2001//TBUGZILLA-2_14_1
+/editkeywords.cgi/1.7/Mon Feb 26 23:25:22 2001//TBUGZILLA-2_14_1
+/editmilestones.cgi/1.5/Sat Jun 16 14:51:16 2001//TBUGZILLA-2_14_1
+/editparams.cgi/1.12/Mon Aug 13 19:11:33 2001//TBUGZILLA-2_14_1
+/editproducts.cgi/1.18/Sat Jun 16 14:51:16 2001//TBUGZILLA-2_14_1
+/editusers.cgi/1.23.2.1/Sat Nov 17 08:18:33 2001//TBUGZILLA-2_14_1
+/editversions.cgi/1.8/Tue Jun 19 01:37:02 2001//TBUGZILLA-2_14_1
+/enter_bug.cgi/1.50/Sun Jul  1 02:00:56 2001//TBUGZILLA-2_14_1
+/globals.pl/1.110.2.2/Thu Jan  3 06:15:55 2002//TBUGZILLA-2_14_1
+/help.html/1.4/Fri Jan 21 22:01:11 2000//TBUGZILLA-2_14_1
+/helpemailquery.html/1.1/Tue Jan 19 00:07:45 1999//TBUGZILLA-2_14_1
+/how_to_mail.html/1.2/Mon Nov  1 23:33:16 1999//TBUGZILLA-2_14_1
+/importxml.pl/1.18/Wed Jul 25 20:12:00 2001//TBUGZILLA-2_14_1
+/index.html/1.12/Wed Feb 28 23:07:24 2001//TBUGZILLA-2_14_1
+/localconfig.js/1.1/Wed Feb 28 23:07:25 2001//TBUGZILLA-2_14_1
+/long_list.cgi/1.15.2.1/Sat Nov 17 08:34:46 2001//TBUGZILLA-2_14_1
+/move.pl/1.6/Fri Jul 20 15:18:30 2001//TBUGZILLA-2_14_1
+/new_comment.cgi/1.5/Thu Jul 27 20:10:16 2000//TBUGZILLA-2_14_1
+/notargetmilestone.html/1.2/Mon Aug 28 17:48:59 2000//TBUGZILLA-2_14_1
+/post_bug.cgi/1.34.2.1/Sat Nov 17 08:01:54 2001//TBUGZILLA-2_14_1
+/process_bug.cgi/1.96.2.1/Sat Nov 17 07:54:18 2001//TBUGZILLA-2_14_1
+/processmail/1.68/Mon Aug 13 17:06:38 2001//TBUGZILLA-2_14_1
+/query.cgi/1.85/Mon Aug 13 19:11:35 2001//TBUGZILLA-2_14_1
+/queryhelp.cgi/1.4/Mon Apr 23 22:16:12 2001//TBUGZILLA-2_14_1
+/quicksearch.html/1.1/Wed Feb 28 23:07:26 2001//TBUGZILLA-2_14_1
+/quicksearch.js/1.7/Fri Jul 20 08:25:30 2001//TBUGZILLA-2_14_1
+/quicksearchhack.html/1.2/Wed Feb 28 23:08:52 2001//TBUGZILLA-2_14_1
+/quips.cgi/1.1/Tue May 29 04:01:48 2001//TBUGZILLA-2_14_1
+/relogin.cgi/1.10/Tue Jan 18 14:41:00 2000//TBUGZILLA-2_14_1
+/reports.cgi/1.47/Sun Jul  1 19:09:29 2001//TBUGZILLA-2_14_1
+/robots.txt/1.1/Fri Jul 28 21:28:39 2000//TBUGZILLA-2_14_1
+/runtests.sh/1.4.6.1/Sat Nov 17 07:41:52 2001//TBUGZILLA-2_14_1
+/sanitycheck.cgi/1.33/Wed Jul 11 05:29:20 2001//TBUGZILLA-2_14_1
+/show_activity.cgi/1.6/Fri Jun  1 13:38:01 2001//TBUGZILLA-2_14_1
+/show_bug.cgi/1.15/Sat Jun  2 22:02:02 2001//TBUGZILLA-2_14_1
+/showattachment.cgi/1.7/Wed Jun  6 18:36:25 2001//TBUGZILLA-2_14_1
+/showdependencygraph.cgi/1.10/Thu May 31 15:52:24 2001//TBUGZILLA-2_14_1
+/showdependencytree.cgi/1.8/Thu May 31 15:52:24 2001//TBUGZILLA-2_14_1
+/showvotes.cgi/1.9/Thu May 31 15:52:25 2001//TBUGZILLA-2_14_1
+/syncshadowdb/1.12/Sun Jun 10 17:38:15 2001//TBUGZILLA-2_14_1
+/token.cgi/1.2/Fri Aug 17 12:42:34 2001//TBUGZILLA-2_14_1
+/userprefs.cgi/1.20.2.1/Sat Nov 17 08:24:08 2001//TBUGZILLA-2_14_1
+/votehelp.html/1.5/Thu Jan 25 04:56:14 2001//TBUGZILLA-2_14_1
+/whineatnews.pl/1.4/Mon Nov  1 23:33:22 1999//TBUGZILLA-2_14_1
+/xml.cgi/1.2/Mon Jun 12 06:52:41 2000//TBUGZILLA-2_14_1
 D/contrib////
 D/docs////
+D/t////
diff --git a/CVS/Tag b/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/CVS/Tag
+++ b/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/bug_form.pl b/bug_form.pl
index c554cb0b079ce33705e6f996dcf019341684c739..4ffb82f757d5588db56ca1f66b30517dd0b86e91 100644
--- a/bug_form.pl
+++ b/bug_form.pl
@@ -38,7 +38,6 @@ sub bug_form_pl_sillyness {
     $zz = @::legal_keywords;
     $zz = @::legal_opsys;
     $zz = @::legal_platform;
-    $zz = @::legal_product;
     $zz = @::legal_priority;
     $zz = @::settable_resolution;
     $zz = @::legal_severity;
@@ -149,6 +148,50 @@ if (defined $URL && $URL ne "none" && $URL ne "NULL" && $URL ne "") {
     $URL = "<B>URL:</B>";
 }
 
+#
+# Make a list of products the user has access to
+#
+
+my (@prodlist, $product_popup);
+foreach my $p (sort(keys %::versions)) {
+    if ($p eq $bug{'product'}) {
+        # if it's the product the bug is already in, it's ALWAYS in
+        # the popup, period, whether the user can see it or not, and
+        # regardless of the disallownew setting.
+        push(@prodlist, $p);
+        next;
+    }
+    if (defined $::proddesc{$p} && $::proddesc{$p} eq '0') {
+        # Special hack.  If we stuffed a "0" into proddesc, that means
+        # that disallownew was set for this bug, and so we don't want
+        # to allow people to specify that product here.
+        next;
+    }
+    if(Param("usebuggroupsentry")
+        && GroupExists($p)
+        && !UserInGroup($p))
+    {
+        # If we're using bug groups to restrict entry on products, and
+        # this product has a bug group, and the user is not in that
+        # group, we don't want to include that product in this list.
+        next;
+    }
+    push(@prodlist, $p);
+}
+
+# If the user has access to multiple products, display a popup, otherwise 
+# display the current product.
+
+if (1 < @prodlist) {
+    $product_popup = "<SELECT NAME=product>" .
+        make_options(\@prodlist, $bug{'product'}) .
+        "</SELECT>";
+}
+else {
+    $product_popup = $bug{'product'} .
+        "<INPUT TYPE=\"HIDDEN\" NAME=\"product\" VALUE=\"$bug{'product'}\">";
+}
+
 print "
 <INPUT TYPE=HIDDEN NAME=\"delta_ts\" VALUE=\"$bug{'delta_ts'}\">
 <INPUT TYPE=HIDDEN NAME=\"longdesclength\" VALUE=\"$longdesclength\">
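Review bot: In the single-product branch, `$bug{'product'}` is interpolated raw both as visible text and inside `VALUE=\"$bug{'product'}\"`, so a product name containing `"`, `<` or `&` would break the attribute or the surrounding markup. Product names are presumably admin-defined, which limits exposure, but the value should still pass through the project's HTML quoting helper before printing (html_quote is already used in buglist.cgi in this commit; an attribute value also needs its double quotes escaped). Filtering the popup only changes what the form offers: the handler that receives `product` has to repeat the `usebuggroupsentry` / `UserInGroup` check, and that code is not visible in this hunk.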
@@ -162,9 +205,7 @@ print "
     <TD ALIGN=RIGHT><B>Reporter:</B></TD><TD>$bug{'reporter'}</TD>
 </TR><TR>
     <TD ALIGN=RIGHT><B>Product:</B></TD>
-    <TD><SELECT NAME=product>" .
-    make_options(\@::legal_product, $bug{'product'}) .
-    "</SELECT></TD>
+    <TD>$product_popup</TD>
   <TD>&nbsp;</TD>
     <TD ALIGN=RIGHT><B>OS:</B></TD>
     <TD><SELECT NAME=op_sys>" .
diff --git a/buglist.cgi b/buglist.cgi
index 2b2a394bf73f4b0193680da38c81c02d60e1ab57..0a6aa2b3a2c1676aa6581500a21e137f6d46650f 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -188,10 +188,14 @@ sub GenerateSQL {
         push(@specialchart, ["bug_id", $type, join(',', @{$M{'bug_id'}})]);
     }
 
-    if (defined $F{'sql'}) {
-        die "Invalid sql: $F{'sql'}" if $F{'sql'} =~ /;/;
-        push(@wherepart, "( $F{'sql'} )");
-    }
+# This is evil.  We should never allow a user to directly append SQL to
+# any query without a huge amount of validation.  Even then, it would
+# be a bad idea.  Beware that uncommenting this will allow someone to
+# peak at virtually anything they want in the bugs database.
+#    if (defined $F{'sql'}) {
+#        die "Invalid sql: $F{'sql'}" if $F{'sql'} =~ /;/;
+#        push(@wherepart, "( $F{'sql'} )");
+#    }
 
     my @legal_fields = ("product", "version", "rep_platform", "op_sys",
                         "bug_status", "resolution", "priority", "bug_severity",
@@ -589,7 +593,14 @@ sub GenerateSQL {
         push(@funcnames, $key);
     }
 
+    # first we delete any sign of "Chart #-1" from the HTML form hash
+    # since we want to guarantee the user didn't hide something here
+    my @badcharts = grep /^(field|type|value)-1-/, (keys %F);
+    foreach my $field (@badcharts) {
+        delete $F{$field};
+    }
 
+    # now we take our special chart and stuff it into the form hash
     my $chart = -1;
     my $row = 0;
     foreach my $ref (@specialchart) {
@@ -688,6 +699,13 @@ sub GenerateSQL {
 #               out duplicates.
 # $suppstring = String which is pasted into query containing all table names
 
+    # get a list of field names to verify the user-submitted chart fields against
+    my %chartfields;
+    SendSQL("SELECT name FROM fielddefs");
+    while (MoreSQLData()) {
+        my ($name) = FetchSQLData();
+        $chartfields{$name} = 1;
+    }
 
     $row = 0;
     for ($chart=-1 ;
@@ -709,6 +727,16 @@ sub GenerateSQL {
                 if ($f eq "noop" || $t eq "noop" || $v eq "") {
                     next;
                 }
+                # chart -1 is generated by other code above, not from the user-
+                # submitted form, so we'll blindly accept any values in chart -1
+                if ((!$chartfields{$f}) && ($chart != -1)) {
+                    my $errstr = "Can't use " . html_quote($f) . " as a field name.  " .
+                        "If you think you're getting this in error, please copy the " .
+                        "entire URL out of the address bar at the top of your browser " .
+                        "window and email it to <109679\@bugzilla.org>";
+                    die "Internal error: $errstr" if $chart < 0;
+                    return Error($errstr);
+                }
                 $q = SqlQuote($v);
                 my $func;
                 $term = undef;
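Review bot: The line `die "Internal error: $errstr" if $chart < 0;` looks unreachable: it sits inside `if ((!$chartfields{$f}) && ($chart != -1))`, and the loop header shown in the previous hunk starts `$chart` at -1, so (assuming it only counts upward) no other negative value can occur here. Dropping it, or moving a chart -1 sanity check outside the `$chart != -1` condition, would make the intent clear. The message also embeds `<109679\@bugzilla.org>` with literal angle brackets; if Error() emits HTML, as the `html_quote($f)` call suggests, a browser will treat that as a tag and hide the address, so it should be written with `&lt;` and `&gt;`. Only the field name `$f` is validated in this hunk; whether the operator `$t` is constrained depends on code below the hunk.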
diff --git a/contrib/CVS/Entries b/contrib/CVS/Entries
index 8936418e775f061fe77d78285e78bef05acdc7b3..e5ac2507a5bd5a0b77924c7188012239113d822d 100644
--- a/contrib/CVS/Entries
+++ b/contrib/CVS/Entries
@@ -1,12 +1,12 @@
-/BugzillaEmail.pm/1.1/Wed Mar 15 22:29:44 2000//TBUGZILLA-2_14
-/README/1.4/Sun Apr 22 18:13:40 2001//TBUGZILLA-2_14
-/README.Mailif/1.3/Wed Mar 15 23:39:03 2000//TBUGZILLA-2_14
-/bug_email.pl/1.9/Fri May 25 12:48:47 2001//TBUGZILLA-2_14
-/bugmail_help.html/1.1/Tue Mar  7 17:36:48 2000//TBUGZILLA-2_14
-/bugzilla.procmailrc/1.1/Wed Mar 15 23:39:09 2000//TBUGZILLA-2_14
-/bugzilla_email_append.pl/1.2/Wed Mar 15 23:39:11 2000//TBUGZILLA-2_14
-/cvs-update.sh/1.1/Wed Apr 18 18:01:28 2001//TBUGZILLA-2_14
-/gnats2bz.pl/1.5/Thu Nov 18 17:29:58 1999//TBUGZILLA-2_14
-/mysqld-watcher.pl/1.2/Fri Jun  1 08:34:45 2001//TBUGZILLA-2_14
-/yp_nomail.sh/1.1/Tue Sep 12 23:50:31 2000//TBUGZILLA-2_14
+/BugzillaEmail.pm/1.1/Wed Mar 15 22:29:44 2000//TBUGZILLA-2_14_1
+/README/1.4/Sun Apr 22 18:13:40 2001//TBUGZILLA-2_14_1
+/README.Mailif/1.3/Wed Mar 15 23:39:03 2000//TBUGZILLA-2_14_1
+/bug_email.pl/1.9/Fri May 25 12:48:47 2001//TBUGZILLA-2_14_1
+/bugmail_help.html/1.1/Tue Mar  7 17:36:48 2000//TBUGZILLA-2_14_1
+/bugzilla.procmailrc/1.1/Wed Mar 15 23:39:09 2000//TBUGZILLA-2_14_1
+/bugzilla_email_append.pl/1.2/Wed Mar 15 23:39:11 2000//TBUGZILLA-2_14_1
+/cvs-update.sh/1.1/Wed Apr 18 18:01:28 2001//TBUGZILLA-2_14_1
+/gnats2bz.pl/1.5/Thu Nov 18 17:29:58 1999//TBUGZILLA-2_14_1
+/mysqld-watcher.pl/1.2/Fri Jun  1 08:34:45 2001//TBUGZILLA-2_14_1
+/yp_nomail.sh/1.1/Tue Sep 12 23:50:31 2000//TBUGZILLA-2_14_1
 D
diff --git a/contrib/CVS/Tag b/contrib/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/contrib/CVS/Tag
+++ b/contrib/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/docs/CVS/Entries b/docs/CVS/Entries
index 2863ba15eae1d477ec8f1a0920d8ec2c0372b38f..f633eb61d9a3e88846e69282358e7a4e79ef7fec 100644
--- a/docs/CVS/Entries
+++ b/docs/CVS/Entries
@@ -1,6 +1,6 @@
-/README.docs/1.3/Wed Aug 22 03:44:14 2001//TBUGZILLA-2_14
-/rel_notes.txt/1.5/Wed Aug 29 19:39:01 2001//TBUGZILLA-2_14
+/README.docs/1.3/Wed Aug 22 03:44:14 2001//TBUGZILLA-2_14_1
 D/html////
 D/images////
 D/sgml////
 D/txt////
+/rel_notes.txt/1.5.10.1/Sat Jan  5 20:00:50 2002//TBUGZILLA-2_14_1
diff --git a/docs/CVS/Tag b/docs/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/docs/CVS/Tag
+++ b/docs/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/docs/html/CVS/Entries b/docs/html/CVS/Entries
index 13c86028311e8e0940ebde2290e7dc02726d68d7..7c8ef0531f9432cb754646849794b196de823299 100644
--- a/docs/html/CVS/Entries
+++ b/docs/html/CVS/Entries
@@ -1,70 +1,70 @@
-/Bugzilla-Guide.html/1.9/Wed Aug 29 18:13:38 2001//TBUGZILLA-2_14
-/about.html/1.4/Fri Aug 10 22:26:40 2001//TBUGZILLA-2_14
-/aboutthisguide.html/1.6/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14
-/administration.html/1.5/Wed Aug 22 03:44:17 2001//TBUGZILLA-2_14
-/bonsai.html/1.5/Wed Aug 22 03:44:17 2001//TBUGZILLA-2_14
-/bsdinstall.html/1.1/Fri Aug 10 22:26:42 2001//TBUGZILLA-2_14
-/bzhacking.html/1.1/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14
-/cmdline.html/1.5/Wed Aug 22 03:44:18 2001//TBUGZILLA-2_14
-/contributors.html/1.5/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14
-/conventions.html/1.5/Wed Aug 22 03:44:18 2001//TBUGZILLA-2_14
-/copyright.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14
-/credits.html/1.5/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14
-/cvs.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14
-/database.html/1.4/Fri Aug 10 22:26:44 2001//TBUGZILLA-2_14
-/dbdoc.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14
-/dbschema.html/1.5/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14
-/disclaimer.html/1.4/Fri Aug 10 22:26:46 2001//TBUGZILLA-2_14
-/downloadlinks.html/1.3/Fri Aug 10 22:26:46 2001//TBUGZILLA-2_14
-/errata.html/1.1/Fri Aug 10 22:26:47 2001//TBUGZILLA-2_14
-/faq.html/1.7/Wed Aug 29 17:25:27 2001//TBUGZILLA-2_14
-/feedback.html/1.4/Fri Aug 10 22:26:48 2001//TBUGZILLA-2_14
-/future.html/1.6/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/geninstall.html/1.3/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/gfdl.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/gfdl_0.html/1.4/Fri Aug 10 22:26:49 2001//TBUGZILLA-2_14
-/gfdl_1.html/1.4/Fri Aug 10 22:26:49 2001//TBUGZILLA-2_14
-/gfdl_10.html/1.4/Fri Aug 10 22:26:50 2001//TBUGZILLA-2_14
-/gfdl_2.html/1.4/Fri Aug 10 22:26:50 2001//TBUGZILLA-2_14
-/gfdl_3.html/1.4/Fri Aug 10 22:26:51 2001//TBUGZILLA-2_14
-/gfdl_4.html/1.4/Fri Aug 10 22:26:51 2001//TBUGZILLA-2_14
-/gfdl_5.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14
-/gfdl_6.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14
-/gfdl_7.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14
-/gfdl_8.html/1.4/Fri Aug 10 22:26:53 2001//TBUGZILLA-2_14
-/gfdl_9.html/1.4/Fri Aug 10 22:26:53 2001//TBUGZILLA-2_14
-/gfdl_howto.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/glossary.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/granttables.html/1.6/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14
-/how.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/index.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/init4me.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14
-/installation.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/integration.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14
-/newversions.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14
-/osx.html/1.1/Fri Aug 10 22:26:58 2001//TBUGZILLA-2_14
-/patches.html/1.6/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/postinstall-check.html/1.5/Wed Aug 22 03:44:21 2001//TBUGZILLA-2_14
-/programadmin.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/quicksearch.html/1.6/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14
-/rewrite.html/1.1/Wed Aug 22 03:44:21 2001//TBUGZILLA-2_14
-/rhbugzilla.html/1.5/Wed Aug 22 03:44:22 2001//TBUGZILLA-2_14
-/scm.html/1.5/Wed Aug 22 03:44:22 2001//TBUGZILLA-2_14
-/security.html/1.6/Fri Aug 10 22:27:01 2001//TBUGZILLA-2_14
-/setperl.html/1.7/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14
-/stepbystep.html/1.4/Wed Aug 29 18:13:39 2001//TBUGZILLA-2_14
-/tinderbox.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14
-/translations.html/1.4/Fri Aug 10 22:27:03 2001//TBUGZILLA-2_14
-/useradmin.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14
-/using.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14
-/usingbz-conc.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14
-/variant_fenris.html/1.1/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14
-/variant_issuezilla.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14
-/variant_perforce.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14
-/variant_scarab.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14
-/variant_sourceforge.html/1.2/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14
-/variants.html/1.5/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14
-/whatis.html/1.5/Wed Aug 22 03:44:25 2001//TBUGZILLA-2_14
-/why.html/1.5/Wed Aug 22 03:44:26 2001//TBUGZILLA-2_14
-/win32.html/1.3/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14
+/Bugzilla-Guide.html/1.9/Wed Aug 29 18:13:38 2001//TBUGZILLA-2_14_1
+/about.html/1.4/Fri Aug 10 22:26:40 2001//TBUGZILLA-2_14_1
+/aboutthisguide.html/1.6/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14_1
+/administration.html/1.5/Wed Aug 22 03:44:17 2001//TBUGZILLA-2_14_1
+/bonsai.html/1.5/Wed Aug 22 03:44:17 2001//TBUGZILLA-2_14_1
+/bsdinstall.html/1.1/Fri Aug 10 22:26:42 2001//TBUGZILLA-2_14_1
+/bzhacking.html/1.1/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14_1
+/cmdline.html/1.5/Wed Aug 22 03:44:18 2001//TBUGZILLA-2_14_1
+/contributors.html/1.5/Wed Aug 29 17:25:25 2001//TBUGZILLA-2_14_1
+/conventions.html/1.5/Wed Aug 22 03:44:18 2001//TBUGZILLA-2_14_1
+/copyright.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14_1
+/credits.html/1.5/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14_1
+/cvs.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14_1
+/database.html/1.4/Fri Aug 10 22:26:44 2001//TBUGZILLA-2_14_1
+/dbdoc.html/1.6/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14_1
+/dbschema.html/1.5/Wed Aug 29 17:25:26 2001//TBUGZILLA-2_14_1
+/disclaimer.html/1.4/Fri Aug 10 22:26:46 2001//TBUGZILLA-2_14_1
+/downloadlinks.html/1.3/Fri Aug 10 22:26:46 2001//TBUGZILLA-2_14_1
+/errata.html/1.1/Fri Aug 10 22:26:47 2001//TBUGZILLA-2_14_1
+/faq.html/1.7/Wed Aug 29 17:25:27 2001//TBUGZILLA-2_14_1
+/feedback.html/1.4/Fri Aug 10 22:26:48 2001//TBUGZILLA-2_14_1
+/future.html/1.6/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/geninstall.html/1.3/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/gfdl.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/gfdl_0.html/1.4/Fri Aug 10 22:26:49 2001//TBUGZILLA-2_14_1
+/gfdl_1.html/1.4/Fri Aug 10 22:26:49 2001//TBUGZILLA-2_14_1
+/gfdl_10.html/1.4/Fri Aug 10 22:26:50 2001//TBUGZILLA-2_14_1
+/gfdl_2.html/1.4/Fri Aug 10 22:26:50 2001//TBUGZILLA-2_14_1
+/gfdl_3.html/1.4/Fri Aug 10 22:26:51 2001//TBUGZILLA-2_14_1
+/gfdl_4.html/1.4/Fri Aug 10 22:26:51 2001//TBUGZILLA-2_14_1
+/gfdl_5.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14_1
+/gfdl_6.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14_1
+/gfdl_7.html/1.4/Fri Aug 10 22:26:52 2001//TBUGZILLA-2_14_1
+/gfdl_8.html/1.4/Fri Aug 10 22:26:53 2001//TBUGZILLA-2_14_1
+/gfdl_9.html/1.4/Fri Aug 10 22:26:53 2001//TBUGZILLA-2_14_1
+/gfdl_howto.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/glossary.html/1.7/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/granttables.html/1.6/Wed Aug 29 17:25:28 2001//TBUGZILLA-2_14_1
+/how.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/index.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/init4me.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14_1
+/installation.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/integration.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14_1
+/newversions.html/1.5/Wed Aug 22 03:44:20 2001//TBUGZILLA-2_14_1
+/osx.html/1.1/Fri Aug 10 22:26:58 2001//TBUGZILLA-2_14_1
+/patches.html/1.6/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/postinstall-check.html/1.5/Wed Aug 22 03:44:21 2001//TBUGZILLA-2_14_1
+/programadmin.html/1.7/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/quicksearch.html/1.6/Wed Aug 29 17:25:29 2001//TBUGZILLA-2_14_1
+/rewrite.html/1.1/Wed Aug 22 03:44:21 2001//TBUGZILLA-2_14_1
+/rhbugzilla.html/1.5/Wed Aug 22 03:44:22 2001//TBUGZILLA-2_14_1
+/scm.html/1.5/Wed Aug 22 03:44:22 2001//TBUGZILLA-2_14_1
+/security.html/1.6/Fri Aug 10 22:27:01 2001//TBUGZILLA-2_14_1
+/setperl.html/1.7/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14_1
+/stepbystep.html/1.4/Wed Aug 29 18:13:39 2001//TBUGZILLA-2_14_1
+/tinderbox.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14_1
+/translations.html/1.4/Fri Aug 10 22:27:03 2001//TBUGZILLA-2_14_1
+/useradmin.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14_1
+/using.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14_1
+/usingbz-conc.html/1.5/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14_1
+/variant_fenris.html/1.1/Wed Aug 22 03:44:23 2001//TBUGZILLA-2_14_1
+/variant_issuezilla.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14_1
+/variant_perforce.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14_1
+/variant_scarab.html/1.1/Wed Aug 22 03:44:24 2001//TBUGZILLA-2_14_1
+/variant_sourceforge.html/1.2/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14_1
+/variants.html/1.5/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14_1
+/whatis.html/1.5/Wed Aug 22 03:44:25 2001//TBUGZILLA-2_14_1
+/why.html/1.5/Wed Aug 22 03:44:26 2001//TBUGZILLA-2_14_1
+/win32.html/1.3/Wed Aug 29 17:25:30 2001//TBUGZILLA-2_14_1
 D
diff --git a/docs/html/CVS/Tag b/docs/html/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/docs/html/CVS/Tag
+++ b/docs/html/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/docs/images/CVS/Entries b/docs/images/CVS/Entries
index 06ab4731c3f3fd9e90ed3c18d1ea638d27cd19f6..02f07acab9ea7bc0b72f461f22821bfb097f1c27 100644
--- a/docs/images/CVS/Entries
+++ b/docs/images/CVS/Entries
@@ -1,7 +1,7 @@
-/caution.gif/1.1/Thu Aug 23 14:30:18 2001/-kb/TBUGZILLA-2_14
-/dbschema.jpg/1.1/Wed Aug 29 17:25:34 2001/-kb/TBUGZILLA-2_14
-/dbschema.ps/1.1/Wed Aug 29 17:25:34 2001/-kb/TBUGZILLA-2_14
-/note.gif/1.1/Thu Aug 23 14:30:18 2001/-kb/TBUGZILLA-2_14
-/tip.gif/1.1/Thu Aug 23 14:30:19 2001/-kb/TBUGZILLA-2_14
-/warning.gif/1.1/Thu Aug 23 14:30:20 2001/-kb/TBUGZILLA-2_14
+/caution.gif/1.1/Thu Aug 23 14:30:18 2001/-kb/TBUGZILLA-2_14_1
+/dbschema.jpg/1.1/Wed Aug 29 17:25:34 2001/-kb/TBUGZILLA-2_14_1
+/dbschema.ps/1.1/Wed Aug 29 17:25:34 2001/-kb/TBUGZILLA-2_14_1
+/note.gif/1.1/Thu Aug 23 14:30:18 2001/-kb/TBUGZILLA-2_14_1
+/tip.gif/1.1/Thu Aug 23 14:30:19 2001/-kb/TBUGZILLA-2_14_1
+/warning.gif/1.1/Thu Aug 23 14:30:20 2001/-kb/TBUGZILLA-2_14_1
 D
diff --git a/docs/images/CVS/Tag b/docs/images/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/docs/images/CVS/Tag
+++ b/docs/images/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/docs/rel_notes.txt b/docs/rel_notes.txt
index ad97cb65ac3ceaf5df39b9df8c724a450f4e07d0..74b822652a5b68085381ecf83b38b4496b3d3e9c 100644
--- a/docs/rel_notes.txt
+++ b/docs/rel_notes.txt
@@ -1,10 +1,65 @@
-After many hours of banging heads against brick walls and
-much imbibed caffeine, the Bugzilla team is proud to
-announce Bugzilla 2.14.
+**************************
+*** ABOUT THIS VERSION ***
+**************************
+
+Bugs referenced in the following text are bug numbers on
+bugzilla.mozilla.org.
+
+The 2.14.1 release fixes several security issues that became known to us after 
+the Bugzilla 2.14 release. Please see the upgrade procedure below for details 
+on how to upgrade to 2.14.1.
+
+****************************
+*** Bugs fixed in 2.14.1 ***
+****************************
+
+Bugzilla user account hijacking exploits:
+
+Bug 54901: If LDAP Authentication was being used, Bugzilla would allow you
+to log in as anyone if you left the password blank.
+
+Bug 108385: It was possible to add comments as someone else by editing the
+HTML on the show_bug.cgi page before submitting the form.User identity is
+checked now, and the form values suggesting the username are now ignored.
+
+Bug 108516: It was possible to file a bug as someone else by editing the
+HTML on enter_bug.cgi before submitting the form. User identity is now
+checked and the form values giving user ID are now ignored.
+
+Bugzilla account security:
+
+Bug 102141: The Product popup menu on the show_bug form listed all
+products, even if the user didn't have access to all of them. It now only
+shows products the user has access to (and the product the bug is in, if
+the user is viewing it because of some other override)
+
+Bug 108821: If you had any blessgroupset privs (the ability to change only
+specific privileges for other users), it was possible to change your own
+groupset (privileges) by altering the page HTML before submitting on
+editusers.cgi.
+
+Untrusted variables:
+
+Bug 98146: An untrusted variable was echoed back to user in the HTML output
+if there was a login error while editing votes.
+
+Arbitrary SQL execution:
+
+Bug 108812: buglist.cgi had an undocumented parameter that allowed you to
+pass arbitrary SQL for the "WHERE" part of a query. This has been disabled.
+
+Bug 108822: It was possible for a user to send arbitrary SQL by inserting
+single quotes in the "mybugslink" field in the user preferences.
+
+Bug 109679: buglist.cgi was not validating that the field names being
+passed from the "boolean chart" query form were valid field names, thus
+allowing arbitrary SQL to be inserted if you edited the HTML by hand before
+submitting the form.
+
+Bug 109690: long_list.cgi was not validating that the bug ID parameter was
+actually a number, allowing arbitrary SQL to be inserted if you edited the
+HTML by hand.
 
-This release is primarily a security release, in order to
-rectify security issues.  However, some other important
-changes were made.
 
 Recommended Practice For The Upgrade
 ------------------------------------
@@ -12,329 +67,254 @@ Recommended Practice For The Upgrade
 As always, please ensure you have ran checksetup.pl after
 replacing the files in your installation.
 
-It is recommended that you view the sanity check page
+If you are upgrading from a version prior to 2.14, it is
+recommended that you view the sanity check page
 (sanitycheck.cgi) both before the upgrade and after running
 checksetup.pl after the upgrade, to see if there are any
-problems with your installation.
+problems with your installation.  Of course, it doesn't hurt
+to run it on occasion anyway.
 
 It is also recommended that if you can, you immediately fix
-any problems you find.  Be aware that if the sanity check page
+any problems you find. Be aware that if the sanity check page
 contains more errors after an upgrade, it doesn't necessarily
 mean there are more errors in your database, as it is likely
 they weren't being checked for in the old version.
 
 Administrators must make sure that certain files are
 inaccessible or confidential information might become
-available to enterprising individuals.  This includes the
-localconfig file and the entire data directory.  Please
-see the Bugzilla Guide for more information.
+available to enterprising individuals. This includes the
+localconfig file and the entire data directory. Please
+see the Bugzilla Guide (in the docs/ directory of the bugzilla
+tree) for more information.
 
-**************************
-*** ABOUT THIS VERSION ***
-**************************
 
-Bugs referenced in the following text are bug numbers on
-bugzilla.mozilla.org.
+***************************************
+*** Information on the 2.14 release ***
+***************************************
+
+If you are upgrading from a release earlier than 2.14, you 
+may find it helpful to know about these changes new to 2.14 and 
+2.14.1:
 
 *** IMPORTANT CHANGES ***
 
-- Bugzilla 2.14 no longer supports old email tech.  Upon
-  upgrading, all users will be moved over to new email tech.
-  This should speed up upgrading for installations with
-  a large number of bugs.
-  (bug 71552)
+- Bugzilla 2.14 no longer supports old email tech. Upon
+upgrading, all users will be moved over to new email tech.
+This should speed up upgrading for installations with
+a large number of bugs.
+(bug 71552)
 
 - There is new functionality for people to see why they are
-  receiving notification mails.
+receiving notification mails.
 
-  Previously, some people filtered old email tech
-  notifications depending on whether they were in the To or the
-  CC header, in order to get a limited way of determining why
-  they were receiving the notification for filtering purposes.
+Previously, some people filtered old email tech
+notifications depending on whether they were in the To or the
+CC header, in order to get a limited way of determining why
+they were receiving the notification for filtering purposes.
 
-  Existing installations will need to make changes to support
-  this feature.  The receive reasons can be added to the
-  notifications as a header and/or in the body.  To add these
-  you will need to modify your newchangedmail parameter on
-  editparams.cgi, either by resetting it or appropriately
-  modifying it.  The header value is specified by
-  %reasonsheader% and the body by %reasonsbody%.  For example,
-  the new default parameter is:
+Existing installations will need to make changes to support
+this feature.The receive reasons can be added to the
+notifications as a header and/or in the body.To add these
+you will need to modify your newchangedmail parameter on
+editparams.cgi, either by resetting it or appropriately
+modifying it.The header value is specified by
+%reasonsheader% and the body by %reasonsbody%.For example,
+the new default parameter is:
 
-  --------------------------------------------------
-  From: bugzilla-daemon
-  To: %to%
-  Subject: [Bug %bugid%] %neworchanged%%summary%
-  X-Bugzilla-Reason: %reasonsheader%
+--------------------------------------------------
+From: bugzilla-daemon
+To: %to%
+Subject: [Bug %bugid%] %neworchanged%%summary%
+X-Bugzilla-Reason: %reasonsheader%
 
-  %urlbase%show_bug.cgi?id=%bugid%
+%urlbase%show_bug.cgi?id=%bugid%
 
-  %diffs%
+%diffs%
 
 
 
-  %reasonsbody%
-  --------------------------------------------------
+%reasonsbody%
+--------------------------------------------------
 
-  (bug 26194)
+(bug 26194)
 
 - Very long fields (especially multi-valued fields like keywords,
-  CCs, dependencies) on bug activity and notifications previously
-  could get truncated, resulting in useless notifications and data
-  loss on bug activity.  Now the multi-valued fields only show
-  changes, and very big changes are split into multiple lines.
-  Where data loss has already occurred on bug activity, it is
-  indicated using question marks.
-  (bug 55161, 92266)
+CCs, dependencies) on bug activity and notifications previously
+could get truncated, resulting in useless notifications and data
+loss on bug activity.Now the multi-valued fields only show
+changes, and very big changes are split into multiple lines.
+Where data loss has already occurred on bug activity, it is
+indicated using question marks.
+(bug 55161, 92266)
 
 - Previously, when a product's voting preferences changed all
-  votes were removed from all the bugs in the product.  Also,
-  when a bug was moved to another product, all of its votes
-  were removed.  This no longer occurs.
-
-  Instead, if the action would leave one or more bugs with
-  greater than the maximum number of votes per person per bug,
-  the number of votes will be reduced to the maximum.  The
-  person will still be notified of this as before.
-
-  If the action would leave a user with more votes in a product
-  than is allowed, the limit will be breached so as to not lose
-  votes.  However the user will not be able to update their
-  votes except to fix this situation.  No further action is taken
-  in this version to make sure that the user does this.
-  (bug 28882, 92593)
-
-*** SECURITY ISSUES RESOLVED ***
-
-- Multiple instances of unauthorised access to confidential
-  bugs has been fixed.
-  (bug 39524, 39526, 39527, 39531, 39533, 70189, 82781)
-- Multiple instances of untrusted parameters not being
-  checked/escaped was fixed.  These included definite security
-  holes.
-  (bug 38854, 38855, 38859, 39536, 87701, 95235)
-- After logging in passwords no longer appear in the URL.
-  (bug 15980)
-- Procedures to prevent unauthorised access to confidential
-  files are now simpler.  In particular the shadow directory
-  no longer exists and the data/comments file no longer needs
-  to be directly accessible, so the entire data directory can
-  be blocked.  However, no changes are required here if you
-  have a properly secured 2.12 installation as no new files
-  must be protected.
-  (bug 71552, 73191)
-- If they do not already exist, checksetup.pl will attempt to
-  write Apache .htaccess files by default, to prevent
-  unauthorised access to confidential files.  You can turn this
-  off in the localconfig file.
-  (bug 76154)
-- Sanity check can now only be run by people in the 'editbugs'
-  group.  Although it would be better to have a separate
-  group, this is not possible until the limitation on the
-  number of groups allowed has been removed.
-  (bug 54556)
-- The password is no longer stored in plaintext form.  It will
-  be eradicated next time you run checksetup.pl.  A user must
-  now change their password via a password change request that
-  gets validated at their e-mail account, rather than have it
-  mailed to them.
-  (bug 74032)
-- When you using product groups and you move a bug between
-  products (single or mass change), the bug will no longer be
-  restricted to the old product's group (if it was) and will
-  be restricted to the new product's group.
-  (bug 66235)
-- There are now options on a bug to choose whether the
-  reporter, assignee, QA and CCs can access a bug even if
-  they aren't in groups the bug it is restricted to.
-  (bug 39816)
-- You can no longer mark a bug as a duplicate of a bug you
-  can't see, and if you mark a bug a duplicate of a bug
-  the reporter cannot see you will be given options as to
-  what to do regarding adding the reporter of the resolved
-  bug to the CC of the open bug.
-  (bug 96085)
-
-*** Other changes of note ***
-
-- Groups can now be marked inactive, so you can't add a new
-  restriction on that group to a bug, while leaving bugs that
-  were previously restricted on that group alone.
-  (bug 75482)
-- backdoor.cgi has been removed from the installation.  It was
-  old code that was Netscape-specific and its name was scaring
-  people.
-  (bug 87983)
-- You can now add or remove from CC on the bulk change page.
-  (bug 12819)
-- New users created by administrators are now automatically
-  inserted into groups according to the group's regular
-  expression.  Administrators must edit the user in a second
-  step to override these choices.  Previously the
-  administrator specified these explicitly which could lead
-  to incorrect settings.
-  (bug 45164)
-- The userregexp of system groups can now be edited without
-  resorting to direct database access.
-  (bug 65290)
-
-
-*** Bug fixes of note ***
-
-- The bug list page was sometimes bringing up a not logged in
-  footer when the user was logged in and the installation was
-  using a shadow database.
-  (bug 47914)
-- You can now view the bug summary in your browser title for
-  a group-restricted bug if you have proper permissions.
-  (bug 71767)
-- Quick search for search terms did not work in IE5.
-  This has been worked around.
-  (bug 77699)
-- Quick search for search terms crashed NN4.76/4.77 for Unix.
-  This has been worked around.
-  (bug 83619)
-- Queries on bugs you have commented on using the "added
-  comment" feature should be a lot faster and not time out
-  on large installations due to the addition of an index.
-  (bug 57350)
-- You can now alter group settings on bulk change for groups
-  that aren't on for all bugs or off for all bugs.
-  (bug 84714)
-- New bug notifications now include the CC and QA fields.
-  (bug 28458)
-- Bugzilla is now more Windows friendly, although it is still
-  not an official platform.
-  (bug 88179, 29064)
-- Passwords are now encrypted using Perl's encrypt function.
-  This makes Bugzilla more portable to more operating systems.
-  (bug 77473)
-- Bugzilla didn't properly shut down when told to - some
-  queries could still be sent to the database.
-  (bug 95082)
-
-*** Outstanding issues of note ***
-
-- Bug counts (on reports.cgi) can be very slow if you have to
-  count a lot of bugs.  In this case the connection can time
-  out before the  page finishes loading.  Extending the cgi
-  timeout on your web server might help this situation.
-  (bug 63249)
-- Renaming or removing keywords will not update the "keyword
-  cache", and queries on keywords may not work properly, until
-  you rebuild the cache on the sanity check page
-  (sanitycheck.cgi).  The changer will receive a warning to do
-  this when altering the keyword.
-  (bug 69621)
-- Email notifications will not work out of the box if you are
-  using Postfix, Exim or possibly other non-SendMail mail
-  transfer agents, as Bugzilla sends mail by default in
-  "deferred" mode using the "-ODeliveryMode=deferred" command
-  line option, which needs to be supported by the sendmail
-  program.  To fix this, you can turn on the "sendmailnow"
-  parameter on the Edit Parameters page (editparams.cgi).
-  (bug 50159)
-- The new options to let people see a bug when their name
-  is on it but who aren't in the groups the bug is restricted
-  to only allow people to view bugs if they know the bug number.
-  It still will not show up in these people's buglists and
-  they will not receive email about changes to the bugs.
-  (bugs 95024, 97469)
-
-**********************************************************
-*** USERS UPGRADING FROM 2.10 OR EARLIER - 2.12 ISSUES ***
-**********************************************************
-
-*** IMPORTANT CHANGES ***
+votes were removed from all the bugs in the product.Also,
+when a bug was moved to another product, all of its votes
+were removed.This no longer occurs.
+
+Instead, if the action would leave one or more bugs with
+greater than the maximum number of votes per person per bug,
+the number of votes will be reduced to the maximum.The
+person will still be notified of this as before.
+
+ If the action would leave a user with more votes in a product
+ than is allowed, the limit will be breached so as to not lose
+ votes.However the user will not be able to update their
+ votes except to fix this situation.No further action is taken
+ in this version to make sure that the user does this.
+ (bug 28882, 92593)
+
+ *** Other changes of note ***
+ 
+ - Groups can now be marked inactive, so you can't add a new
+ restriction on that group to a bug, while leaving bugs that
+ were previously restricted on that group alone.
+ (bug 75482)
+ - backdoor.cgi has been removed from the installation.It was
+ old code that was Netscape-specific and its name was scaring
+ people.
+ (bug 87983)
+ - You can now add or remove from CC on the bulk change page.
+ (bug 12819)
+ - New users created by administrators are now automatically
+ inserted into groups according to the group's regular
+ expression.Administrators must edit the user in a second
+ step to override these choices.Previously the
+ administrator specified these explicitly which could lead
+ to incorrect settings.
+ (bug 45164)
+ - The userregexp of system groups can now be edited without
+ resorting to direct database access.
+ (bug 65290)
+ 
+ 
+
+ *** Outstanding issues of note ***
+ 
+ - Bug counts (on reports.cgi) can be very slow if you have to
+ count a lot of bugs.In this case the connection can time
+ out before thepage finishes loading. Extending the cgi
+ timeout on your web server might help this situation.
+ (bug 63249)
+ - Renaming or removing keywords will not update the "keyword
+ cache", and queries on keywords may not work properly, until
+ you rebuild the cache on the sanity check page
+ (sanitycheck.cgi).The changer will receive a warning to do
+ this when altering the keyword.
+ (bug 69621)
+ - Email notifications will not work out of the box if you are
+ using Postfix, Exim or possibly other non-SendMail mail
+ transfer agents, as Bugzilla sends mail by default in
+ "deferred" mode using the "-ODeliveryMode=deferred" command
+ line option, which needs to be supported by the sendmail
+ program.To fix this, you can turn on the "sendmailnow"
+ parameter on the Edit Parameters page (editparams.cgi).
+ (bug 50159)
+ - The new options to let people see a bug when their name
+ is on it but who aren't in the groups the bug is restricted
+ to only allow people to view bugs if they know the bug number.
+ It still will not show up in these people's buglists and
+ they will not receive email about changes to the bugs.
+ (bugs 95024, 97469)
+ 
+ **********************************************************
+ *** USERS UPGRADING FROM 2.10 OR EARLIER - 2.12 ISSUES ***
+ **********************************************************
+ 
+ These release notes may be of use to those upgrading from a release earlier 
+ than 2.12. 
+ 
+ *** IMPORTANT CHANGES ***
+ 
+ - There is now a facility for users to choose the sort of
+ notifications they wish to receive.This facility will
+ probably be improved in future versions.
+ (bug 17464)
+ 
+ - "Changed" will no longer appear on the subject line of
+ change notification emails.Because of this, you should
+ change the subject line in your 'changedmail' and
+ 'newchangedmail' params on editparams.cgi. The subject
+ line needs to be changed from
+ 
+ Subject: [Bug %bugid%] %neworchanged% - %summary%
+ 
+ to
+ 
+ Subject: [Bug %bugid%] %neworchanged%%summary%
+ 
+ or whatever is appropriate for the subject you are using
+ on your system. Note the removal of the " - " in the
+ middle.
+ (bug 29820)
+ 
+ - Some security holes have been fixed where shell escape characters
+ could be passed to Bugzilla, allowing remote users to execute
+ system commands on the web server.
+ 
+ *** Other changes of note ***
+ 
+ - Bug titles now appear in the page title, and will hence
+ display in the user's browser's bookmarks and history.
+ (bug 22041)
+ - Edit groups functionality (editgroups.cgi).
+ (bug 25010)
+ - Support for moving bugs to other Bugzilla databases.
+ (bug 36133)
+ - Bugzilla now can generate a frequently reported bugs list
+ based on what duplicates you receive.
+ (bug 25693)
+ - When installing Bugzilla fresh, the administrator account is
+ now created in checksetup.pl.
+ (bug 17773)
+ - Stored queries now show their name above the bug list, which
+ helps the user when they have multiple bug lists in multiple
+ browser windows.It also appears in the page title, and will
+ hence display in the user's browser's bookmarks and history.
+ (bug 52228)
+ - All states and resolutions can now be collected for charting.
+ (bug 6682)
+ - A new search-engine-like "quick search" feature appears on
+ the front page to try and making searching easier.
+ (bug 69793)
+ - Querying on dependencies now works in the advanced query
+ section of the query page.
+ (bug 30823)
+ - When a bug is marked as a duplicate, the reporter of the
+ resolved bug is automatically added to the CC list of the
+ open bug.
+ (bug 28676)
+ 
+ 
+ *** Bug fixes of note ***
+ 
+ - Notification emails will now always be sent to QA contacts.
+ Previously they wouldn't if you were using new email tech.
+ (bug 30826)
+ - When marking a bug as a duplicate, the duplicate stamp marked
+ on the open bug will no longer be written too early (such as
+ on mid-air collisions).
+ (bug 7873)
+ - Various bug fixes were made to the initial assignee and QA
+ of a component.It is no longer possible to enter an
+ invalid address.They will also now properly update when
+ a user's email address is changed.Sanity check will now
+ check these.
+ (bug 66876)
+ - Administrators can no longer create an email accounts that do
+ not match the global email regular expression parameter.
+ Previously this could occur and would cause sanity check
+ errors.
+ (bug 32971)
+ - The resolution field can no longer become empty when the
+ bug is resolved.This occurred because of midair collisions.
+ (bug 49306)
+ 
+ 
+ *******************************************
+ *** USERS UPGRADING FROM 2.8 OR EARLIER ***
+ *******************************************
+ 
+ Release notes were not compiled for versions of Bugzilla before
+ 2.12.
 
-- There is now a facility for users to choose the sort of
-  notifications they wish to receive.  This facility will
-  probably be improved in future versions.
-  (bug 17464)
-
-- "Changed" will no longer appear on the subject line of
-  change notification emails.  Because of this, you should
-  change the subject line in your 'changedmail' and
-  'newchangedmail' params on editparams.cgi. The subject
-  line needs to be changed from
-
-    Subject: [Bug %bugid%] %neworchanged% - %summary%
-
-  to
-
-    Subject: [Bug %bugid%] %neworchanged%%summary%
-
-  or whatever is appropriate for the subject you are using
-  on your system. Note the removal of the " - " in the
-  middle.
-  (bug 29820)
-
-- Some security holes have been fixed where shell escape characters
-  could be passed to Bugzilla, allowing remote users to execute
-  system commands on the web server.
-
-*** Other changes of note ***
-
-- Bug titles now appear in the page title, and will hence
-  display in the user's browser's bookmarks and history.
-  (bug 22041)
-- Edit groups functionality (editgroups.cgi).
-  (bug 25010)
-- Support for moving bugs to other Bugzilla databases.
-  (bug 36133)
-- Bugzilla now can generate a frequently reported bugs list
-  based on what duplicates you receive.
-  (bug 25693)
-- When installing Bugzilla fresh, the administrator account is
-  now created in checksetup.pl.
-  (bug 17773)
-- Stored queries now show their name above the bug list, which
-  helps the user when they have multiple bug lists in multiple
-  browser windows.  It also appears in the page title, and will
-  hence display in the user's browser's bookmarks and history.
-  (bug 52228)
-- All states and resolutions can now be collected for charting.
-  (bug 6682)
-- A new search-engine-like "quick search" feature appears on
-  the front page to try and making searching easier.
-  (bug 69793)
-- Querying on dependencies now works in the advanced query
-  section of the query page.
-  (bug 30823)
-- When a bug is marked as a duplicate, the reporter of the
-  resolved bug is automatically added to the CC list of the
-  open bug.
-  (bug 28676)
-
-
-*** Bug fixes of note ***
-
-- Notification emails will now always be sent to QA contacts.
-  Previously they wouldn't if you were using new email tech.
-  (bug 30826)
-- When marking a bug as a duplicate, the duplicate stamp marked
-  on the open bug will no longer be written too early (such as
-  on mid-air collisions).
-  (bug 7873)
-- Various bug fixes were made to the initial assignee and QA
-  of a component.  It is no longer possible to enter an
-  invalid address.  They will also now properly update when
-  a user's email address is changed.  Sanity check will now
-  check these.
-  (bug 66876)
-- Administrators can no longer create an email accounts that do
-  not match the global email regular expression parameter.
-  Previously this could occur and would cause sanity check
-  errors.
-  (bug 32971)
-- The resolution field can no longer become empty when the
-  bug is resolved.  This occurred because of midair collisions.
-  (bug 49306)
-
-
-*******************************************
-*** USERS UPGRADING FROM 2.8 OR EARLIER ***
-*******************************************
-
-Release notes were not compiled for versions of Bugzilla before
-2.12.
diff --git a/docs/sgml/CVS/Entries b/docs/sgml/CVS/Entries
index 14b475507c4477e0beb5fc8d315aa2968f04d1ec..b1573d6d9924711f8c5340b412bf031cb65054b6 100644
--- a/docs/sgml/CVS/Entries
+++ b/docs/sgml/CVS/Entries
@@ -1,18 +1,18 @@
-/Bugzilla-Guide.sgml/1.6/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14
-/about.sgml/1.5/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14
-/administration.sgml/1.7/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14
-/conventions.sgml/1.2/Fri Aug 10 22:13:50 2001//TBUGZILLA-2_14
-/database.sgml/1.4/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14
-/dbschema.mysql/1.1/Fri Aug 10 22:13:50 2001//TBUGZILLA-2_14
-/faq.sgml/1.6/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14
-/future.sgml/1.5/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14
-/gfdl.sgml/1.2/Fri Aug 10 22:13:52 2001//TBUGZILLA-2_14
-/glossary.sgml/1.3/Wed Aug 22 03:44:31 2001//TBUGZILLA-2_14
-/index.sgml/1.2/Fri Aug 10 22:13:53 2001//TBUGZILLA-2_14
-/installation.sgml/1.7/Wed Aug 29 18:13:41 2001//TBUGZILLA-2_14
-/integration.sgml/1.5/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14
-/patches.sgml/1.5/Wed Aug 29 17:25:39 2001//TBUGZILLA-2_14
-/requiredsoftware.sgml/1.2/Fri Aug 10 22:13:54 2001//TBUGZILLA-2_14
-/using.sgml/1.5/Wed Aug 29 17:25:39 2001//TBUGZILLA-2_14
-/variants.sgml/1.4/Wed Aug 22 03:44:32 2001//TBUGZILLA-2_14
+/Bugzilla-Guide.sgml/1.6/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14_1
+/about.sgml/1.5/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14_1
+/administration.sgml/1.7/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14_1
+/conventions.sgml/1.2/Fri Aug 10 22:13:50 2001//TBUGZILLA-2_14_1
+/database.sgml/1.4/Wed Aug 29 17:25:36 2001//TBUGZILLA-2_14_1
+/dbschema.mysql/1.1/Fri Aug 10 22:13:50 2001//TBUGZILLA-2_14_1
+/faq.sgml/1.6/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14_1
+/future.sgml/1.5/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14_1
+/gfdl.sgml/1.2/Fri Aug 10 22:13:52 2001//TBUGZILLA-2_14_1
+/glossary.sgml/1.3/Wed Aug 22 03:44:31 2001//TBUGZILLA-2_14_1
+/index.sgml/1.2/Fri Aug 10 22:13:53 2001//TBUGZILLA-2_14_1
+/installation.sgml/1.7/Wed Aug 29 18:13:41 2001//TBUGZILLA-2_14_1
+/integration.sgml/1.5/Wed Aug 29 17:25:38 2001//TBUGZILLA-2_14_1
+/patches.sgml/1.5/Wed Aug 29 17:25:39 2001//TBUGZILLA-2_14_1
+/requiredsoftware.sgml/1.2/Fri Aug 10 22:13:54 2001//TBUGZILLA-2_14_1
+/using.sgml/1.5/Wed Aug 29 17:25:39 2001//TBUGZILLA-2_14_1
+/variants.sgml/1.4/Wed Aug 22 03:44:32 2001//TBUGZILLA-2_14_1
 D
diff --git a/docs/sgml/CVS/Tag b/docs/sgml/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/docs/sgml/CVS/Tag
+++ b/docs/sgml/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/docs/txt/CVS/Entries b/docs/txt/CVS/Entries
index 7392262c20052289a6fb1e03dd71cd0e16cadf87..c878308c4bfa6aac0b1e62e0cf7f4d72c8534d4d 100644
--- a/docs/txt/CVS/Entries
+++ b/docs/txt/CVS/Entries
@@ -1,2 +1,2 @@
-/Bugzilla-Guide.txt/1.8/Wed Aug 29 18:13:42 2001//TBUGZILLA-2_14
+/Bugzilla-Guide.txt/1.8/Wed Aug 29 18:13:42 2001//TBUGZILLA-2_14_1
 D
diff --git a/docs/txt/CVS/Tag b/docs/txt/CVS/Tag
index c10f87310f020d45437be8716d7c8f95acc569ad..705dc0579c785225ce6f96af498f7679df64b43d 100644
--- a/docs/txt/CVS/Tag
+++ b/docs/txt/CVS/Tag
@@ -1 +1 @@
-NBUGZILLA-2_14
+NBUGZILLA-2_14_1
diff --git a/doeditvotes.cgi b/doeditvotes.cgi
index 75208ce35f106d95aac749269eff4a39a05c4c2d..306cdf46912a6d95cd00ca17a515da091871e95a 100755
--- a/doeditvotes.cgi
+++ b/doeditvotes.cgi
@@ -84,9 +84,11 @@ my $who = DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'});
 
 if ( (! defined $who) || (!$who) ) {
     PutHeader("Bad login.");
-    print "The login info got confused.  If you want to adjust the votes\n";
-    print "for <tt>$::COOKIE{'Bugzilla_login'}</tt>, then please\n";
-    print "<a href=showvotes.cgi?user=$who>click here</a>.<hr>\n";
+    print qq|
+    The login info got confused. Please
+    <a href="query.cgi?GoAheadAndLogIn=1">log in</a>
+    (again) and try again.\n
+    |;
     PutFooter();
     exit();
 }
diff --git a/editusers.cgi b/editusers.cgi
index 48dcfa0c1a22c414e74ee2a053ac80feb0f93d7a..188cd05b5d251b4363be02c21b4d3648748421cd 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -736,12 +736,14 @@ if ($action eq 'update') {
     foreach (keys %::FORM) {
 	next unless /^bit_/;
 	#print "$_=$::FORM{$_}<br>\n";
+        detaint_natural($::FORM{$_}) || die "Groupset field tampered with";
 	$groupset .= " + $::FORM{$_}";
     }
     my $blessgroupset = "0";
     foreach (keys %::FORM) {
 	next unless /^blbit_/;
 	#print "$_=$::FORM{$_}<br>\n";
+        detaint_natural($::FORM{$_}) || die "Blessgroupset field tampered with";
 	$blessgroupset .= " + $::FORM{$_}";
     }
 
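Review bot: The added `detaint_natural($::FORM{$_}) || die ...` checks in both loops accept any run of digits, so a `bit_*` or `blbit_*` value is not confirmed to be a single group bit. The loops still combine the values with ` + `, where a repeated or multi-bit value carries into other bits. The mask added in the later `UPDATE profiles` hunk bounds the result for that branch; whether `$blessgroupset` gets an equivalent bound is not visible here. A comment above each check would record why it exists, for example `# bit_* values are spliced into SQL arithmetic below; accept plain digits only`. The new lines are also indented with spaces while their neighbours use tabs.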
@@ -761,7 +763,8 @@ if ($action eq 'update') {
         } else {
            SendSQL("UPDATE profiles
                     SET groupset =
-                         groupset - (groupset & $opblessgroupset) + $groupset
+                         groupset - (groupset & $opblessgroupset) + 
+                         (($groupset) & $opblessgroupset)
                     WHERE login_name=" . SqlQuote($userold));
 
            # I'm paranoid that someone who I give the ability to bless people
diff --git a/globals.pl b/globals.pl
index 70f60da4bcf72c1c2ccc01db7551b50713283497..cfb03252497888889fc9ff67f9b2eb99cd1eced8 100644
--- a/globals.pl
+++ b/globals.pl
@@ -20,6 +20,7 @@
 # Contributor(s): Terry Weissman <terry@mozilla.org>
 #                 Dan Mosedale <dmose@mozilla.org>
 #                 Jake <jake@acutex.net>
+#                 Bradley Baetz <bbaetz@cs.mcgill.ca>
 
 # Contains some global variables and routines used throughout bugzilla.
 
@@ -75,7 +76,7 @@ use RelationSet;
 delete $ENV{PATH};
 
 # Contains the version string for the current running Bugzilla.
-$::param{'version'} = '2.14';
+$::param{'version'} = '2.14.1';
 
 $::dontchange = "--do_not_change--";
 $::chooseone = "--Choose_one:--";
@@ -835,6 +836,12 @@ sub detaint_string {
     $str = $1;
 }
 
+sub detaint_natural {
+    $_[0] =~ /^(\d+)$/;
+    $_[0] = $1;
+    return (defined($_[0]));
+}
+
 # This routine quoteUrls contains inspirations from the HTML::FromText CPAN
 # module by Gareth Rees <garethr@cre.canon.co.uk>.  It has been heavily hacked,
 # all that is really recognizable from the original is bits of the regular
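Review bot: `detaint_natural` assigns `$1` without checking that the match succeeded. After a failed match Perl leaves `$1` at whatever the last successful match in the enclosing dynamic scope set, so a rejected value can come back as a stale capture and be reported as valid. Tie the assignment to the match result: `$_[0] = ($_[0] =~ /^(\d+)$/) ? $1 : undef;`. Callers that interpolate the result into SQL, such as the `long_list.cgi` loop later in this diff, depend on a false return for non-numeric input. A header comment should also say that the sub rewrites its argument in place through `@_` aliasing and leaves it undefined on failure.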
diff --git a/long_list.cgi b/long_list.cgi
index 5623a4e12459817991824101e63c4c4498bd217a..b74e1378b2e1765b83ddb41f55a019a5320851a5 100755
--- a/long_list.cgi
+++ b/long_list.cgi
@@ -73,6 +73,7 @@ bugs.groupset & $::usergroupset = bugs.groupset and";
 
 $::FORM{'buglist'} = "" unless exists $::FORM{'buglist'};
 foreach my $bug (split(/:/, $::FORM{'buglist'})) {
+    detaint_natural($bug) || next;
     SendSQL("$generic_query bugs.bug_id = $bug");
 
     my @row;
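Review bot: `detaint_natural($bug) || next;` silently drops any `buglist` entry that is not a plain number, whereas the same helper makes `editusers.cgi` die on bad input. A short comment would show that the skip is deliberate, e.g. `# $bug is interpolated into the SQL below; skip anything that is not a bug number`. The loop body continues outside the hunk.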
diff --git a/post_bug.cgi b/post_bug.cgi
index f1a3e6443c150feef23f70410fb5386f39e42126..dcb3f245fb097dcbbe2129f9ed42cbf3f0653d42 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -102,10 +102,7 @@ if ($::FORM{'assigned_to'} eq "") {
     $::FORM{'assigned_to'} = DBNameToIdAndCheck($::FORM{'assigned_to'});
 }
 
-$::FORM{'reporter'} = DBNameToIdAndCheck($::FORM{'reporter'});
-
-
-my @bug_fields = ("reporter", "product", "version", "rep_platform",
+my @bug_fields = ("product", "version", "rep_platform",
                   "bug_severity", "priority", "op_sys", "assigned_to",
                   "bug_status", "bug_file_loc", "short_desc", "component",
                   "target_milestone");
@@ -144,7 +141,6 @@ if (!exists $::FORM{'target_milestone'}) {
 
 if ( Param("strictvaluechecks") ) {
     GetVersionTable();  
-    CheckFormField(\%::FORM, 'reporter');
     CheckFormField(\%::FORM, 'product', \@::legal_product);
     CheckFormField(\%::FORM, 'version', \@{$::versions{$::FORM{'product'}}});
     CheckFormField(\%::FORM, 'target_milestone',
@@ -173,7 +169,7 @@ if (exists $::FORM{'bug_status'} && $::FORM{'bug_status'} ne $::unconfirmedstate
 }
 
 my $query = "INSERT INTO bugs (\n" . join(",\n", @used_fields) . ",
-creation_ts, groupset)
+reporter, creation_ts, groupset)
 VALUES (
 ";
 
@@ -181,17 +177,17 @@ foreach my $field (@used_fields) {
 # fix for 42609. if there is a http:// only in bug_file_loc, strip
 # it out and send an empty value. 
     if ($field eq 'bug_file_loc') {
-       if ($::FORM{$field} eq 'http://') {
-           $::FORM{$field} = "";
-           $query .= SqlQuote($::FORM{$field}) . ",\n";
-           next;
-       } 
-       else {
-          $query .= SqlQuote($::FORM{$field}) . ",\n";
-       }
+        if ($::FORM{$field} eq 'http://') {
+            $::FORM{$field} = "";
+            $query .= SqlQuote($::FORM{$field}) . ",\n";
+            next;
+        }
+        else {
+            $query .= SqlQuote($::FORM{$field}) . ",\n";
+        }
     }
     else {
-       $query .= SqlQuote($::FORM{$field}) . ",\n";
+        $query .= SqlQuote($::FORM{$field}) . ",\n";
     }
 }
 
@@ -203,7 +199,7 @@ $comment = trim($comment);
 # OK except for the fact that it causes e-mail to be suppressed.
 $comment = $comment ? $comment : " ";
 
-$query .= "now(), (0";
+$query .= "$::userid, now(), (0";
 
 foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) {
     if ($::FORM{$b}) {
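Review bot: `$::userid` is interpolated unquoted into the INSERT here and again in the `longdescs` insert in the next hunk, and nothing in these hunks shows where it is set. If the login check that populates it has not run by this point, the value would be undefined and the statement malformed. A guard ahead of the query build would make the dependency explicit, e.g. `defined $::userid or die "post_bug.cgi: no authenticated user";`. A comment noting that the reporter now comes from the session rather than the form would also help keep a later edit from reintroducing `$::FORM{'reporter'}`.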
@@ -250,7 +246,7 @@ SendSQL("select LAST_INSERT_ID()");
 my $id = FetchOneColumn();
 
 SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext) VALUES " .
-        "($id, $::FORM{'reporter'}, now(), " . SqlQuote($comment) . ")");
+        "($id, $::userid, now(), " . SqlQuote($comment) . ")");
 
 foreach my $person (keys %ccids) {
     SendSQL("insert into cc (bug_id, who) values ($id, $person)");
diff --git a/process_bug.cgi b/process_bug.cgi
index 70d2625ba125af24b6286c9dd9929779282428a4..6c56f34cce0a252852442084cfec30f0032171e5 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -469,10 +469,6 @@ if ($action eq Param("move-button-text")) {
 }
 
 
-if (!defined $::FORM{'who'}) {
-    $::FORM{'who'} = $::COOKIE{'Bugzilla_login'};
-}
-
 # the common updates to all bugs in @idlist start here
 #
 print "<TITLE>Update Bug " . join(" ", @idlist) . "</TITLE>\n";
@@ -807,7 +803,7 @@ SWITCH: for ($::FORM{'knob'}) {
                          "is a duplicate.  The bug has not been changed.")
         }
         if (!defined($::FORM{'id'}) || $num == $::FORM{'id'}) {
-            PuntTryAgain("Nice try, $::FORM{'who'}.  But it doesn't really ".
+            PuntTryAgain("Nice try, $::COOKIE{'Bugzilla_login'}.  But it doesn't really ".
                          "make sense to mark a bug as a duplicate of " .
                          "itself, does it?");
         }
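Review bot: The name printed by `PuntTryAgain("Nice try, $::COOKIE{'Bugzilla_login'}.  But ...` comes from a browser-supplied cookie and is placed in the message as-is. It can be trusted only if the login check has already matched that cookie against the server-side session earlier in this script, which is outside the hunk. Even then it needs HTML escaping unless PuntTryAgain does that itself. The later hunks in this file pass the same cookie value to AppendComment and to `./processmail`. Copying it once into a lexical right after the login check (`my $who = $::COOKIE{'Bugzilla_login'};`) and using that everywhere would keep every use tied to the verified value.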
@@ -1160,7 +1156,7 @@ The changes made were:
     $timestamp = FetchOneColumn();
     
     if (defined $::FORM{'comment'}) {
-        AppendComment($id, $::FORM{'who'}, $::FORM{'comment'});
+        AppendComment($id, $::COOKIE{'Bugzilla_login'}, $::FORM{'comment'});
     }
     
     my $removedCcString = "";
@@ -1383,7 +1379,7 @@ The changes made were:
     if ( $origQaContact ne "") { 
         push @ARGLIST, ( "-forceqacontact", $origQaContact);
     }
-    push @ARGLIST, ($id, $::FORM{'who'});
+    push @ARGLIST, ($id, $::COOKIE{'Bugzilla_login'});
     system ("./processmail",@ARGLIST);
 
     print "<TD><A HREF=\"show_bug.cgi?id=$id\">Back To BUG# $id</A></TABLE>\n";
@@ -1402,19 +1398,19 @@ The changes made were:
             LogActivityEntry($duplicate,"cc","",DBID_to_name($reporter));
             SendSQL("INSERT INTO cc (who, bug_id) VALUES ($reporter, " . SqlQuote($duplicate) . ")");
         }
-        AppendComment($duplicate, $::FORM{'who'}, "*** Bug $::FORM{'id'} has been marked as a duplicate of this bug. ***");
+        AppendComment($duplicate, $::COOKIE{'Bugzilla_login'}, "*** Bug $::FORM{'id'} has been marked as a duplicate of this bug. ***");
         if ( Param('strictvaluechecks') ) {
           CheckFormFieldDefined(\%::FORM,'comment');
         }
         SendSQL("INSERT INTO duplicates VALUES ($duplicate, $::FORM{'id'})");
         print "<TABLE BORDER=1><TD><H2>Duplicate notation added to bug $duplicate</H2>\n";
-        system("./processmail", $duplicate, $::FORM{'who'});
+        system("./processmail", $duplicate, $::COOKIE{'Bugzilla_login'});
         print "<TD><A HREF=\"show_bug.cgi?id=$duplicate\">Go To BUG# $duplicate</A></TABLE>\n";
     }
 
     foreach my $k (keys(%dependencychanged)) {
         print "<TABLE BORDER=1><TD><H2>Checking for dependency changes on bug $k</H2>\n";
-        system("./processmail", $k, $::FORM{'who'});
+        system("./processmail", $k, $::COOKIE{'Bugzilla_login'});
         print "<TD><A HREF=\"show_bug.cgi?id=$k\">Go To BUG# $k</A></TABLE>\n";
     }
 
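Review bot: The line `SendSQL("INSERT INTO duplicates VALUES ($duplicate, $::FORM{'id'})");` builds SQL from a form field with no quoting, while the cc INSERT earlier in the same hunk wraps `$duplicate` in SqlQuote. Whether `id` and `$duplicate` were validated as integers earlier is not visible here. If they were, a one-line comment saying so would settle it. Otherwise write `"... VALUES (" . SqlQuote($duplicate) . ", " . SqlQuote($::FORM{'id'}) . ")"`. The enclosing block starts outside the hunk.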
diff --git a/runtests.sh b/runtests.sh
new file mode 100755
index 0000000000000000000000000000000000000000..7b67b17616635de32d15f0209fccc041261df1da
--- /dev/null
+++ b/runtests.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+TEST_VERBOSE=0
+PART1='use Test::Harness qw(&runtests $verbose); $verbose='
+PART2='; runtests @ARGV;'
+for f in $*; do
+  if [ $f == "--verbose" ] ; then
+    TEST_VERBOSE=1
+  fi
+done
+
+/usr/bonsaitools/bin/perl -e "${PART1}${TEST_VERBOSE}${PART2}" t/*.t
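Review bot: The test `[ $f == "--verbose" ]` is not portable under `#!/bin/sh`: `==` is a bash extension to `[`, and the unquoted `$f` breaks the test when an argument is empty or contains spaces. Use `for f in "$@"; do` and `if [ "$f" = "--verbose" ]; then`. The interpreter path `/usr/bonsaitools/bin/perl` is hard-coded, so the script fails on any host without that install. A `PERL` variable defaulting to that path would make the dependency explicit.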
diff --git a/t/001compile.t b/t/001compile.t
new file mode 100644
index 0000000000000000000000000000000000000000..63f59af9a79db7de5a925622b455b27782cc2842
--- /dev/null
+++ b/t/001compile.t
@@ -0,0 +1,91 @@
+# -*- Mode: perl; indent-tabs-mode: nil -*-
+#
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code are the Bugzilla Tests.
+# 
+# The Initial Developer of the Original Code is Zach Lipton
+# Portions created by Zach Lipton are 
+# Copyright (C) 2001 Zach Lipton.  All
+# Rights Reserved.
+# 
+# Contributor(s): Zach Lipton <zach@zachlipton.com>
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+
+#################
+#Bugzilla Test 1#
+###Compilation###
+BEGIN { use lib 't/'; }
+BEGIN { use Support::Files; }
+BEGIN { $tests = @Support::Files::testitems + 3; }
+BEGIN { use Test::More tests => $tests; }
+
+use strict;
+
+# First now we test the scripts                                                   
+my @testitems = @Support::Files::testitems; 
+# Capture the TESTERR from Test::More for printing errors.
+# This will handle verbosity for us automatically
+*TESTOUT = \*Test::More::TESTOUT;
+my $perlapp = $^X;
+
+foreach my $file (@testitems) {
+        $file =~ s/\s.*$//; # nuke everything after the first space (#comment)
+        next if (!$file); # skip null entries
+        open (FILE,$file);
+        my $bang = <FILE>;
+        close (FILE);
+        my $T = "";
+        if ($bang =~ m/#!\S*perl\s+-.*T/) {
+            $T = "T";
+        }
+        my $command = "$perlapp"." -c$T $file 2>&1";
+        my $loginfo=`$command`;
+        #print '@@'.$loginfo.'##';
+        if ($loginfo =~ /syntax ok$/im) {
+                if ($loginfo ne "$file syntax OK\n") {
+                        print TESTOUT $loginfo;
+                        ok(0,$file."--WARNING");
+                } else {
+                        ok(1,$file);
+                }
+        } else {
+                print TESTOUT $loginfo;
+                ok(0,$file."--ERROR");
+        }
+}      
+
+# and the libs:                                                                 
+use_ok('Token'); # 52                                                 
+use_ok('Bug'); # 53                                            
+use_ok('RelationSet'); # 54                                           
+
+
+
+
+
+
+
+
+
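Review bot: `open (FILE,$file);` is the two-argument form with a bareword handle and no error check, so a name from `glob('*')` that starts with `>` or ends with `|` is treated as a mode or a command, and a failed open leaves `$bang` undefined for the regex that follows. Use `open(my $fh, '<', $file) or die "open $file: $!";` and read the first line from `$fh`. The same `$file` is then interpolated into the backtick command `"$perlapp"." -c$T $file 2>&1"`, which goes through the shell. The list is built from whatever files sit in the working directory, so quote the name or run perl through a list-form pipe open to keep metacharacters in a file name from being interpreted.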
diff --git a/t/003safesys.t b/t/003safesys.t
new file mode 100644
index 0000000000000000000000000000000000000000..98e9d2d64bea9a746dc579e364b930bde8978e38
--- /dev/null
+++ b/t/003safesys.t
@@ -0,0 +1,64 @@
+# -*- Mode: perl; indent-tabs-mode: nil -*-
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code are the Bugzilla Tests.
+# 
+# The Initial Developer of the Original Code is Zach Lipton
+# Portions created by Zach Lipton are 
+# Copyright (C) 2001 Zach Lipton.  All
+# Rights Reserved.
+# 
+# Contributor(s): Zach Lipton <zach@zachlipton.com>
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+#################
+#Bugzilla Test 3#
+###Safesystem####
+
+BEGIN { use lib 't/'; }
+BEGIN { use Support::Files; }
+BEGIN { $tests = @Support::Files::testitems; }    
+BEGIN { use Test::More tests => $tests; }
+
+use strict;
+
+my @testitems = @Support::Files::testitems; 
+# Capture the TESTERR from Test::More for printing errors.
+# This will handle verbosity for us automatically
+*TESTOUT = \*Test::More::TESTOUT;
+my $perlapp = $^X;
+
+foreach my $file (@testitems) {
+        $file =~ s/\s.*$//; # nuke everything after the first space (#comment)
+        next if (!$file); # skip null entries
+        my $command = "$perlapp -c -It -MSupport::Systemexec $file 2>&1";
+        my $loginfo=`$command`;
+        if ($loginfo =~ /arguments for Support::Systemexec::(system|exec)/im) {
+                ok(0,"$file DOES NOT use proper system or exec calls");
+                print TESTOUT $loginfo;
+        } else {
+                ok(1,"$file uses proper system and exec calls");
+        }
+}
+
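Review bot: This check only catches what the `Support::Systemexec` prototypes reject, i.e. `system` or `exec` called with fewer than two arguments. Backticks, `qx//` and pipe `open` reach the shell as well and pass the test unnoticed. A header comment should state that scope, e.g. `# Only flags one-argument system()/exec(); backticks and piped open are not checked.` The command here is itself built by interpolating `$file` into backticks, as in t/001compile.t, so a file name containing shell metacharacters would be interpreted by the shell.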
diff --git a/t/CVS/Entries b/t/CVS/Entries
new file mode 100644
index 0000000000000000000000000000000000000000..1648ccf8c0fae134a819aa918f339f94c5ea4e6a
--- /dev/null
+++ b/t/CVS/Entries
@@ -0,0 +1,3 @@
+/001compile.t/1.6.6.1/Sat Nov 17 07:41:55 2001//TBUGZILLA-2_14_1
+/003safesys.t/1.3.6.1/Sat Nov 17 07:41:57 2001//TBUGZILLA-2_14_1
+D/Support////
diff --git a/t/CVS/Repository b/t/CVS/Repository
new file mode 100644
index 0000000000000000000000000000000000000000..a54a8bb946be1ade404a1daf900652844deac048
--- /dev/null
+++ b/t/CVS/Repository
@@ -0,0 +1 @@
+mozilla/webtools/bugzilla/t
diff --git a/t/CVS/Root b/t/CVS/Root
new file mode 100644
index 0000000000000000000000000000000000000000..cdb6f4a0739a0dc53e628026726036377dec3637
--- /dev/null
+++ b/t/CVS/Root
@@ -0,0 +1 @@
+:pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot
diff --git a/t/CVS/Tag b/t/CVS/Tag
new file mode 100644
index 0000000000000000000000000000000000000000..705dc0579c785225ce6f96af498f7679df64b43d
--- /dev/null
+++ b/t/CVS/Tag
@@ -0,0 +1 @@
+NBUGZILLA-2_14_1
diff --git a/t/Support/CVS/Entries b/t/Support/CVS/Entries
new file mode 100644
index 0000000000000000000000000000000000000000..c759f7e10e88944e3e7dbf8f29961450a7bf5c73
--- /dev/null
+++ b/t/Support/CVS/Entries
@@ -0,0 +1,3 @@
+/Files.pm/1.9.4.1/Sat Nov 17 07:41:59 2001//TBUGZILLA-2_14_1
+/Systemexec.pm/1.2.8.1/Sat Nov 17 07:41:59 2001//TBUGZILLA-2_14_1
+D
diff --git a/t/Support/CVS/Repository b/t/Support/CVS/Repository
new file mode 100644
index 0000000000000000000000000000000000000000..28d73d728804a05b9d21d0c5c67072ea2e01d8c3
--- /dev/null
+++ b/t/Support/CVS/Repository
@@ -0,0 +1 @@
+mozilla/webtools/bugzilla/t/Support
diff --git a/t/Support/CVS/Root b/t/Support/CVS/Root
new file mode 100644
index 0000000000000000000000000000000000000000..cdb6f4a0739a0dc53e628026726036377dec3637
--- /dev/null
+++ b/t/Support/CVS/Root
@@ -0,0 +1 @@
+:pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot
diff --git a/t/Support/CVS/Tag b/t/Support/CVS/Tag
new file mode 100644
index 0000000000000000000000000000000000000000..705dc0579c785225ce6f96af498f7679df64b43d
--- /dev/null
+++ b/t/Support/CVS/Tag
@@ -0,0 +1 @@
+NBUGZILLA-2_14_1
diff --git a/t/Support/Files.pm b/t/Support/Files.pm
new file mode 100644
index 0000000000000000000000000000000000000000..63c55ce86bef133d3e9b73b89a002fca395f468a
--- /dev/null
+++ b/t/Support/Files.pm
@@ -0,0 +1,67 @@
+# -*- Mode: perl; indent-tabs-mode: nil -*-
+# 
+# The contents of this file are subject to the Mozilla Public
+# License Version 1.1 (the "License"); you may not use this file
+# except in compliance with the License. You may obtain a copy of
+# the License at http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS
+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+# implied. See the License for the specific language governing
+# rights and limitations under the License.
+# 
+# The Original Code are the Bugzilla Tests.
+# 
+# The Initial Developer of the Original Code is Zach Lipton
+# Portions created by Zach Lipton are 
+# Copyright (C) 2001 Zach Lipton.  All
+# Rights Reserved.
+# 
+# Contributor(s): Zach Lipton <zach@zachlipton.com>
+# 
+# Alternatively, the contents of this file may be used under the
+# terms of the GNU General Public License Version 2 or later (the
+# "GPL"), in which case the provisions of the GPL are applicable 
+# instead of those above.  If you wish to allow use of your 
+# version of this file only under the terms of the GPL and not to
+# allow others to use your version of this file under the MPL,
+# indicate your decision by deleting the provisions above and
+# replace them with the notice and other provisions required by
+# the GPL.  If you do not delete the provisions above, a recipient
+# may use your version of this file under either the MPL or the
+# GPL.
+# 
+
+package Support::Files;
+
+@additional_files = ('syncshadowdb','processmail');
+@exclude_files    = ('importxml.pl');
+
+$file = '*';
+@files = glob($file);
+
+sub isTestingFile {
+  my ($file) = @_;
+  my $exclude;
+  foreach $exclude (@exclude_files) {
+        if ($file eq $exclude) { return undef; } # get rid of excluded files.
+  }
+
+  if ($file =~ /\.cgi$|\.pl$|\.pm$/) {
+    return 1;
+  }
+  my $additional;
+  foreach $additional (@additional_files) {
+    if ($file eq $additional) { return 1; }
+  }
+  return undef;
+}
+
+foreach $currentfile (@files) {
+        if (isTestingFile($currentfile)) {
+                push(@testitems,$currentfile);
+        }
+}
+
+
+1;
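Review bot: The module has no `use strict`, and every variable (`@additional_files`, `@exclude_files`, `$file`, `@files`, `$currentfile`, `@testitems`) is an undeclared package global, so a misspelt name would silently create a new empty variable and shrink the test list. Add `use strict;` and declare the internals with `my`, keeping `our @testitems;` as a package variable because the tests read `@Support::Files::testitems`. `glob('*')` is relative to the current directory and does not descend, so the list is only right when the tests are started from the directory holding the scripts. That deserves a comment next to `$file = '*';`. In isTestingFile, `return undef;` is better written as a bare `return;`.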
diff --git a/t/Support/Systemexec.pm b/t/Support/Systemexec.pm
new file mode 100644
index 0000000000000000000000000000000000000000..676ee02a4f80daefc45d545fc4190c17caa78090
--- /dev/null
+++ b/t/Support/Systemexec.pm
@@ -0,0 +1,14 @@
+# -*- Mode: perl; indent-tabs-mode: nil -*-
+
+package Support::Systemexec;
+require Exporter;
+@ISA = qw(Exporter);
+@EXPORT = qw(system exec);
+@EXPORT_OK = qw();
+sub system($$@) {
+  1;
+}
+sub exec($$@) {
+  1;
+}
+1;
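Review bot: Nothing in the file says that the `($$@)` prototypes are the whole mechanism. Add a header comment along the lines of `# Overrides system/exec with two-or-more-argument prototypes so that "perl -c -MSupport::Systemexec" reports one-argument calls as compile errors; see t/003safesys.t.` The bodies return 1 without running anything, which is harmless under `-c` but would silently turn `system` and `exec` into no-ops if the module were ever loaded in a real run. The comment should say the module is for the compile check only. The file also lacks `use strict`, which would need `@ISA`, `@EXPORT` and `@EXPORT_OK` declared with `our`.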
diff --git a/userprefs.cgi b/userprefs.cgi
index 0eeda0e71009f929a4915d28c0d417feb6b1cd8f..fad31b4e435c2b2999de670516619d7ea3c7e0d7 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -495,8 +495,8 @@ sub SaveFooter {
             Error("Hmm, the $name query seems to have gone away.");
         }
     }
-    SendSQL("UPDATE profiles SET mybugslink = '" . $::FORM{'mybugslink'} .
-            "' WHERE userid = $userid");
+    SendSQL("UPDATE profiles SET mybugslink = " . SqlQuote($::FORM{'mybugslink'}) .
+            " WHERE userid = $userid");
 }