use Debbugs::Config qw(:config);
use POSIX qw(strftime);
use Encode qw(decode_utf8 encode_utf8);
+use URI::Escape qw(uri_escape);
BEGIN{
($VERSION) = q$Revision: 494 $ =~ /^Revision:\s+([^\s+])/;
if ($_ eq 'From' and $param{avatars}) {
my $libravatar_url = __libravatar_url(decode_rfc1522($head_field));
if (defined $libravatar_url and length $libravatar_url) {
- push @headers,q(<img src="http://).$libravatar_url.qq(" alt="">\n);
+ push @headers,q(<img src=").html_escape($libravatar_url).qq(" alt="">\n);
}
}
push @headers, qq(<div class="header"><span class="headerfield">$_:</span> ) . html_escape(decode_rfc1522($head_field))."</div>\n";
((?:\>\;)?[)]?(?:'|\&\#39\;)?[:.\,]?(?:\s|$)) # terminators
}{<a href=\"$1\">$1</a>$2}gox;
# Add links to bug closures
- $body =~ s[(closes:\s*(?:bug)?\#?\s?\d+(?:,?\s*(?:bug)?\#?\s?\d+)*)]
+ $body =~ s[((?:closes|see):\s* # start of closed/referenced bugs
+ (?:bug)?\#?\s?\d+\s? # first bug
+ (?:,?\s*(?:bug)?\#?\s?\d+)* # additional bugs
+ (?:\s|\n|\)|\]|\}|\.|\,|$)) # ends with a space, newline, end of string, or ); fixes #747267
+ ]
[my $temp = $1;
$temp =~ s{(\d+)}
{bug_links(bug=>$1)}ge;
length $config{cve_tracker}
) {
# Add links to CVE vulnerabilities (closes #568464)
- $body =~ s{(^|\s)(CVE-\d{4}-\d{4,})(\s|[,.-\[\]]|$)}
+ $body =~ s{(^|\s|[\(\[])(CVE-\d{4}-\d{4,})(\s|[,.-\[\]\)]|$)}
{$1<a href="http://$config{cve_tracker}$2">$2</a>$3}gxm;
}
if (not exists $param{att}) {
{$1.$2.(bug_links(bug=>$3)).$4.
english_join([map {bug_links(bug=>$_)} (split /\,?\s+(?:and\s+)?/, $5)])}eo;
# Add links to reassigned packages
- $output =~ s{(Bug reassigned from package \`)([^']+?)((?:'|\&\#39;) to \`)([^']+?)((?:'|\&\#39;))}
+ $output =~ s{(Bug reassigned from package (?:[\`']|\&\#39;))([^']+?)((?:'|\&\#39;) to (?:[\`']|\&\#39;))([^']+?)((?:'|\&\#39;))}
{$1.q(<a href=").html_escape(package_links(package=>$2)).qq(">$2</a>).$3.q(<a href=").html_escape(package_links(package=>$4)).qq(">$4</a>).$5}eo;
if (defined $time) {
$output .= ' ('.strftime('%a, %d %b %Y %T GMT',gmtime($time)).') ';
return undef;
}
($email) = get_addresses($email);
- return $config{libravatar_uri}.$email.($config{libravatar_uri_options}//'');
+ return $config{libravatar_uri}.uri_escape($email.($config{libravatar_uri_options}//''));
}