Mercurial > p > roundup > code

comparison doc/announcement.txt @ 4351:e2be38b52d4d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
release stuff
author Richard Jones <richard@users.sourceforge.net>
date Tue, 09 Feb 2010 01:02:22 +0000
parents 4ce71b5480a8
children 13b3155869e0
comparison
equal deleted inserted replaced
4350:23bf9290140a 4351:e2be38b52d4d
1 I'm proud to release version 1.4.11 of Roundup which fixes a number bugs 1 I'm proud to release version 1.4.12 of Roundup which fixes a number bugs.
2 and closes a potential security hole.
3
4 ALL tracker maintainers MUST read the upgrading documentation to make sure
5 the hole is fixed in their tracker.
6
7 Other changes in this release:
8
9 - Generic class editor may now restore retired items (thanks Ralf Hemmecke)
10 - Fix security hole allowing user permission escalation (thanks Ralf
11 Schlatterbeck)
12 - More SSL fixes. SSL wants the underlying socket non-blocking. So we
13 don't call socket.setdefaulttimeout in case of SSL. This apparently
14 never raises a WantReadError from SSL.
15 This also fixes a case where a WantReadError is raised and apparently
16 the bytes already read are dropped (seems the WantReadError is really
17 an error, not just an indication to retry).
18 - Correct initial- and end-handshakes for SSL
19 - Update FAQ to mention infinite redirects with pathological settings of
20 the tracker->web variable. Closes issue2537286, thanks to "stuidge"
21 for reporting.
22 - Fix some format errors in italian translation file
23 - Some bugs issue classifiers were causing database lookup errors
24 - Fix security-problem: If user hasn't permission on a message (notably
25 files and content properties) and is on the nosy list, the content was
26 sent via email. We now check that user has permission on the message
27 content and files properties. Thanks to Intevation for funding this
28 fix.
29 - Fix traceback on .../msgN/ url, this requests the file content and for
30 apache mod_wsgi produced a traceback because the mime type is None for
31 messages, fixes issue2550586, thanks to Thomas Arendsen Hein for
32 reporting and to Intevation for funding the fix.
33 - Handle OPTIONS http request method in wsgi handler, fixes issue2550587.
34 Thanks to Thomas Arendsen Hein for reporting and to Intevation for
35 funding the fix.
36 - Add documentation for migrating to the Register permission and
37 fix mailgw to use Register permission, fixes issue2550599
38 - Fix styling of calendar to make it more usable, fixes issue2550608
39 - Fix typo in email section of user guide, fixes issue2550607
40 - Fix WSGI response code (thanks Peter Pöml)
41 - Fix linking of an existing item to a newly created item, e.g.
42 edit action in web template is name="issue-1@link@msg" value="msg1"
43 would trigger a traceback about an unbound variable.
44 Add new regression test for this case. May be related to (now closed)
45 issue1177477. Thanks to Intevation for funding the fix.
46 - Clean up all the places where role processing occurs. This is now in a
47 central place in hyperdb.Class and is used consistently throughout.
48 This also means now a template can override the way role processing
49 occurs (e.g. for elaborate permission schemes). Thanks to intevation
50 for funding the change.
51 - Fix issue2550606 (german translation bug) "an hour" is only used in
52 the context "in an hour" or "an hour ago" which translates to german
53 "in einer Stunde" or "vor einer Stunde". So "an hour" is translated
54 "einer Stunde" (which sounds wrong at first). Also note that date.py
55 already has a comment saying "XXX this is internationally broken" --
56 but at least there's a workaround for german :-) Thanks to Chris
57 (radioking) for reporting.
58 2
59 If you're upgrading from an older version of Roundup you *must* follow 3 If you're upgrading from an older version of Roundup you *must* follow
60 the "Software Upgrade" guidelines given in the maintenance documentation. 4 the "Software Upgrade" guidelines given in the maintenance documentation.
5
6 This release includes:
7
8 - Support IMAP CRAM-MD5, thanks Jochen Maes
9 - Proper handling of 'Create' permissions in both mail gateway (earlier
10 commit r4405 by Richard), web interface, and xmlrpc. This used to
11 check 'Edit' permission previously. See
12 http://thread.gmane.org/gmane.comp.bug-tracking.roundup.devel/5133
13 Add regression tests for proper handling of 'Create' and 'Edit'
14 permissions.
15 - Fix handling of non-ascii in realname in the nosy mailer, this used to
16 mangle the email address making it unusable when replying. Thanks to
17 intevation for funding the fix.
18 - Fix documentation on user required to run the tests, fixes
19 issue2550618, thanks to Chris aka 'radioking'
20 - Add simple doc about translating customised tracker content
21 - Add "flup" setup documentation, thanks Christian Glass
22 - Fix "Web Access" permission check to allow serving of static files to
23 Anonymous again
24 - Add check for "Web Access" permission in all web templating permission
25 checks
26 - Improvements in upgrading documentation, thanks Christian Glass
27 - Display 'today' in the account user's timezone, thanks David Wolever
28 - Fix file handle leak in some web interfaces with logging turned on,
29 fixes issue1675845
30 - Attempt to generate more human-readable addresses in email, fixes
31 issue2550632
32 - Allow value to be specified to multilink form element templating, fixes
33 issue2550613, thanks David Wolever
34 - Fix thread safety with stdin in roundup-server, fixes issue2550596
35 (thanks Werner Hunger)
61 36
62 Roundup requires python 2.3 or later (but not 3+) for correct operation. 37 Roundup requires python 2.3 or later (but not 3+) for correct operation.
63 38
64 To give Roundup a try, just download (see below), unpack and run:: 39 To give Roundup a try, just download (see below), unpack and run::
65 40
Roundup Issue Tracker: http://roundup-tracker.org/