Upgraded to RTv5.0.3 on Perl 5.36 from RTv5.0.1 on Perl 5.34 and now Search Builder causes errors like:
There was an error parsing your search query: Wrong query, no such column 'testing' in 'Queue = testing'. Your RT admin can find more information in the error logs.
Logs:
Couldn't parse query: Wrong query, no such column 'testing' in 'Queue = testing' at /u/rt5/sbin/../lib/RT/Tickets.pm line 3459
TL;DR: The “Queue = testing” is what’s being passed directly to MySQL. If I manually hack the URL to add the single-quotes around the word testing, it works. It’s literally not possible to use the Search Builder because it’s failing to DB quote the data from the user. FWIW, this very well might be a SQL Injection pathway.
I attempted a restart with SB_PREFER_BIND=0 and SB_PREFER_BIND=1 and both caused this error.
