Bug 627369

FWIW, the email that bugzilla sends out looks good.

Just a quick test to see if cutting and pasting in here will change it at all:

CVE-2010-1780 (crash when focus is changed while trying to focus next element)
A use after free issue exists in WebKit's handling of element focus. Visiting a
maliciously crafted website may lead to an unexpected application termination
or arbitrary code execution. This issue is addressed through improved handling
of element focus. Credit to Tony Chang of Google, Inc. for reporting this
issue.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40407
* Trac: http://trac.webkit.org/changeset/60984

I have disabled to code for now that does the linkification of CVE/CAN ids in bug comments as this definitely has a problem that needs to be resolved. The comment text in the database is fine and the issue was merely cosmetic but a problem.

I will need to investigate this further in the near future and then we can re-enable the feature once it is figured out.

Dave

Do you have a test install where you made the change?  I'm not sure if it's the linkification that is doing it, because it seems to work otherwise.  I'm actually at quite a loss as to why it's not working on that bug, but if you have a demo/test setup where that linkification is removed and the text displays properly, then I suppose that is the problem.

Unless this is resolved quickly, the linkification shouldn't be removed in the production bz as that will probably cause some grief here.  I can try to change/tweak that text to see if there is something else I can do for that bug, but I think we'd rather have CVE's auto-linked than have that bug displayed pretty (although having both would be ideal).

https://bz-web2-test.devel.redhat.com

*** This bug has been marked as a duplicate of bug 624597 ***