As a result of the fix for bug 45918, if you are logged in with cookies enabled, and you enter an incorrect password when making a change on the "account settings" tab of userprefs.cgi, Bugzilla tells you that "the username or password you entered is not valid," even though you never entered a username. Bugzilla should only tell you that your password is invalid.
Ooh, this is going to be a nasty one to fix. If you just change the message you're changing the error you get when you screw up the password on a real login, too (because it's running the same code). And we don't want the real login message to be that generic because it'll give away the existence of an account. Probably we need some sort of generic "authenticate" routine in globals.pl which simply returns whether or not someone's password is correct or not, but also sets the appropriate cookies and such if necessary so people don't get logged out when changing their password.
The User Interface component now belongs to Gerv. Reassigning all UNCONFIRMED and NEW (but not ASSIGNED) bugs currently owned by Myk (the previous component owner) to Gerv.
Reassigning back to Myk. That stuff about Gerv taking over the User Interface component turned out to be short-lived. Please pardon our confusion, and I'm very sorry about the spam.
Unloved bugs targetted for 2.18 but untouched since 9-15-2003 are being retargeted to 2.20 If you plan to act on one immediately, go ahead and pull it back to 2.18.
This bug has not been touched by its owner in over six months, even though it is targeted to 2.20, for which the freeze is 10 days away. Unsetting the target milestone, on the assumption that nobody is actually working on it or has any plans to soon. If you are the owner, and you plan to work on the bug, please give it a real target milestone. If you are the owner, and you do *not* plan to work on it, please reassign it to firstname.lastname@example.org or a .bugs component owner. If you are *anybody*, and you get this comment, and *you* plan to work on the bug, please reassign it to yourself if you have the ability.
*** Bug 321836 has been marked as a duplicate of this bug. ***
this is getting annoying. i'll buy someone lunch for fixing it.
Unfortunately, this is too trivial to be a blocker.
I cannot reproduce this problem. The error message is now accurate.