Update to 4.2.10

Changelog:
RT 4.2.10 -- 2015-02-26
-----------------------

RT 4.2.10 contains important security fixes, as well as minor bugfixes.

This release is primarily a security release; it addresses CVE-014-9472,
a denial-of-service via RT's email gateway, as well as CVE-2015-1165 and
CVE-2015-1464, which allow for information disclosure and session
hijacking via RT's RSS feeds.

As part of these security updates, RT's dependency on the Encode module
has been changed, to Encode 2.64.  If upgrading, be sure to run
rt-test-dependencies to verify that your installed version of Encode
meets this requirement; if not, you will need to install a newer version
from CPAN.

This release is also a bugfix release; most notably, it addresses a bug
which causes RT to generate blank outgoing text/plain parts.  This fix
requires installing the HTML::FormatExternal module, and having an
external tool (w3m, elinks, etc) installed on the server.

It also introduces indexed full-text searching for MySQL without the
need to recompile MySQL to use the external Sphinx tool; instead, a
MyISAM table is used for indexing.  On MySQL 5.6 and above, an
additional InnoDB table can also be used.


The complete list of changes includes:

General user UI
 * Speed up the default simple search on all FTS-enabled installs by not
   OR'ing it with a Subject match.  This returns equivalent results for
   almost all tickets, and allows the database to make full use of the
   FTS index.
 * Pressing enter in user preference form fields no longer resets the
   auth token instead (#19431)
 * Pressing enter in ticket create and modify form fields now creates or
   updates the ticket, instead of being equivalent to "add more
   attachments", or the "search" on People pages (#19431)
 * Properly encode headers in forwarded emails that contain non-ASCII
   text (#29753)
 * Allow users to customize visibility of chart/table/TicketSQL in saved
   charts
 * Allow groups to be added as requestors on tickets
 * Perform group searches case-insensitively on People page (#27835)
 * Ticket create transactions for tickets created via the web UI now
   contain mocked-up From, To, and Date headers; this causes them to
   render more correctly when forwarded
 * Update wording of error message for saved searches without a
   description (#30435)
 * Flush TSV download every 10 rows, for responsiveness
 * Retain values in Quick Create on homepage if it fails (#19431)
 * Limit the custom field value autocomplete to 10 values, like other
   autocompletes (#30190)
 * Fix a regression in 4.0.20/4.2.4 which caused some users to have
   blank homepages (#30106)
 * Fix styling on "unread messages" box on Ballard and Web2 themes
 * Fix format of Date headers in RSS feeds (#29712)
 * Adjust width of transaction date to accommodate all date formats
   (#30176)
 * Allow searching for tickets by queue lifecycle

Command-line
 * Fix server name displayed at password prompt when RT is deployed at
   a non-root path like /rt (#22708)

Admin
 * If the optional HTML::FormatExternal module is installed, use w3m,
   elinks, links, html2text, or lynx to format HTML to text.  This
   addresses problems with the pure-Perl HTML-to-text converter which
   resulted in blank outgoing emails.  (#30176)
 * Add support for native (non-Sphinx) indexed full-text search on
   MySQL.  This uses the InnoDB fulltext engine on MySQL 5.6, and an
   additional MyISAM table on prior versions of MySQL.
 * Support MySQL database names with dashes in them (#7568)
 * Properly escape quotes and backslashes in config options in web
   installer (#29990)
 * Increase length of template title form input
 * Clarify wording on updating old Organization values by rt-validator
 * Resolve a runtime error for SMIME without secret keys (#30436)
 * Empty email addresses are no longer caught as being "an RT address"
   if there exist queues without Correspond addresses set (#18380)
 * Allow Parents/Children/Members/MemberOf in CreateTickets action
 * Allow RT-Originator to be overridden in templates
 * Ensure that HTML-encoded entities are indexed in FTS
 * Fix uninitialized value warnings from charts grouped by date
 * Remove no-op $CanonicalizeOnCreate configuration variable;
   RT::User->CanonicalizeUserInfo is always called
 * Make NotifyGroup action respect AlwaysNotifyActor argument
 * Fix X-RT-Interface header on incoming email on existent tickets
 * Warn on startup if queues have invalid lifecycles set (#28352)

Developer
 * Add AfterHeaders callback to ShowMessageHeaders
 * Update all upgrade steps to use .in files (#18856)
 * Add policy tests to enforce the new upgrade step standards
 * Remove +x bit from multiple non-executable files
 * Make Obfuscate callback in configuration options be passed the
   current user, as was documented
 * Remove obsolete _CacheConfig parameters
 * Preferentially use IN rather than multiple OR clauses
 * Respect RowsPerPage for external custom field values
 * Localize default statuses from RT_Config.pm, instead of hardcoding
 * Add callbacks within Dates box after each type of Date
 * Pass the CustomFieldObj down to CustomFieldValue objects intact, so
   its ContextObj can be inspected; this is particularly useful for
   external custom fields.
 * Allow more than one right per @ACL in initialdata
 * Don't hardcode share/html in tests, for non-default layouts
 * Base detection of new themes on presence of main.css file, not
   base.css file (#30554)
 * Allow for relative "lib" in @INC when running tests
 * Allow EditComponentName customfield callback to alter Rows/Cols
   values

Serializer/importer
 * Memory usage improvements in both serialization and import
 * Templates, Scrips, and ObjectScrips now serialize correctly
   when not cloning

Documentation
 * Document how to enable un-indexed full-text-search, and its drawbacks
 * Note that after restoring from backups, PostgreSQL may need to have
   statistics updated
 * New documentation on writing portlets
 * Add an =pod directive so the first paragraph of UPGRADING is not
   skipped
 * Clarify when UPGRADING-x.y steps should be run
 * Better document known bugs with Sphinx FTS
 * Add missing semicolon on Shredder suggested indexes
This commit is contained in:
ryoon 2015-03-01 21:25:17 +00:00
parent 91fb03f2b0
commit 33705aaf29
3 changed files with 14 additions and 12 deletions

@ -1,6 +1,6 @@
# $NetBSD: Makefile,v 1.15 2014/11/30 00:20:44 ryoon Exp $
# $NetBSD: Makefile,v 1.16 2015/03/01 21:25:17 ryoon Exp $
DISTNAME= rt-4.2.9
DISTNAME= rt-4.2.10
PKGNAME= ${DISTNAME:S/rt/rt4/}
CATEGORIES= devel
MASTER_SITES= http://download.bestpractical.com/pub/rt/release/
@ -36,7 +36,7 @@ DEPENDS+= {perl>=5.8.1,p5-Digest-MD5>=2.27}:../../security/p5-Digest-MD5
DEPENDS+= p5-Digest-SHA-[0-9]*:../../security/p5-Digest-SHA
DEPENDS+= p5-Email-Address>=1.897:../../mail/p5-Email-Address
DEPENDS+= p5-Email-Address-List-[0-9]*:../../mail/p5-Email-Address-List
DEPENDS+= {perl>=5.11.3,p5-Encode>=2.39}:../../textproc/p5-Encode
DEPENDS+= p5-Encode>=2.64:../../textproc/p5-Encode
# Errno is a part of perl base.
# File::Glob is a part of perl base.
DEPENDS+= p5-File-ShareDir-[0-9]*:../../devel/p5-File-ShareDir
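
Review bot: the new `DEPENDS+= p5-Encode>=2.64` line drops the `{perl>=5.11.3,...}` alternative without a comment saying why, unlike the neighbouring "is a part of perl base" notes. The commit message ties Encode 2.64 to the security fixes; a one-line comment to that effect above the line would stop a later cleanup from restoring the perl-base alternative. It is also worth confirming that no supported base perl already ships Encode 2.64 or newer, in which case the alternative form with a raised perl version would avoid a redundant package.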

@ -1,4 +1,4 @@
@comment $NetBSD: PLIST,v 1.7 2014/11/30 00:20:44 ryoon Exp $
@comment $NetBSD: PLIST,v 1.8 2015/03/01 21:25:17 ryoon Exp $
share/examples/rt4/RT_Config.pm
share/examples/rt4/RT_SiteConfig.pm
share/rt4/bin/rt
@ -58,6 +58,7 @@ share/rt4/data/docs/schema.dot
share/rt4/data/docs/security.pod
share/rt4/data/docs/web_deployment.pod
share/rt4/data/docs/writing_extensions.pod
share/rt4/data/docs/writing_portlets.pod
share/rt4/data/fonts/Droid.README
share/rt4/data/fonts/DroidSans.ttf
share/rt4/data/fonts/DroidSansFallback.ttf
@ -1227,6 +1228,7 @@ share/rt4/etc/upgrade/4.1.8/schema.SQLite
share/rt4/etc/upgrade/4.1.8/schema.mysql
share/rt4/etc/upgrade/4.1.9/content
share/rt4/etc/upgrade/4.2.1/content
share/rt4/etc/upgrade/${PKGVERSION}/content
share/rt4/etc/upgrade/4.2.2/content
share/rt4/etc/upgrade/4.2.2/schema.mysql
share/rt4/etc/upgrade/4.2.4/content
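
Review bot: `share/rt4/etc/upgrade/${PKGVERSION}/content` names an upstream directory that is fixed at 4.2.10, but the variable tracks the package version. On the next update the entry would silently move to the new version and the 4.2.10 directory would go unlisted, and if PKGVERSION carries a PKGREVISION suffix the path stops matching after a revision bump. Suggest the literal `share/rt4/etc/upgrade/4.2.10/content`, matching the other entries in this hunk.
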
@ -1235,12 +1237,12 @@ share/rt4/etc/upgrade/4.2.6/schema.mysql
share/rt4/etc/upgrade/4.2.7/content
share/rt4/etc/upgrade/4.2.8/content
share/rt4/etc/upgrade/generate-rtaddressregexp
share/rt4/etc/upgrade/sanity-check-stylesheets.pl
share/rt4/etc/upgrade/shrink_cgm_table.pl
share/rt4/etc/upgrade/shrink_transactions_table.pl
share/rt4/etc/upgrade/sanity-check-stylesheets
share/rt4/etc/upgrade/shrink-cgm-table
share/rt4/etc/upgrade/shrink-transactions-table
share/rt4/etc/upgrade/split-out-cf-categories
share/rt4/etc/upgrade/switch-templates-to
share/rt4/etc/upgrade/time-worked-history.pl
share/rt4/etc/upgrade/time-worked-history
share/rt4/etc/upgrade/upgrade-articles
share/rt4/etc/upgrade/upgrade-mysql-schema.pl
share/rt4/etc/upgrade/vulnerable-passwords
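
Review bot: the renamed upgrade helpers in this hunk (`shrink_transactions_table.pl` to `shrink-transactions-table`, `time-worked-history.pl` to `time-worked-history`, and the others) change the paths administrators invoke during upgrades, and the commit message covers this only indirectly under "Update all upgrade steps to use .in files". A line in the log or in the package's upgrade notes listing the old and new names would help. `upgrade-mysql-schema.pl` keeps its suffix in the context lines, so please confirm that matches what the 4.2.10 tarball installs.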

@ -1,7 +1,7 @@
$NetBSD: distinfo,v 1.9 2014/11/30 00:20:44 ryoon Exp $
$NetBSD: distinfo,v 1.10 2015/03/01 21:25:17 ryoon Exp $
SHA1 (rt-4.2.9.tar.gz) = f3433d388d59283b4ea28d588af69fd16f870aae
RMD160 (rt-4.2.9.tar.gz) = 4da68de9789933d2b92d74ce98422d4dd638f88b
Size (rt-4.2.9.tar.gz) = 7496950 bytes
SHA1 (rt-4.2.10.tar.gz) = 92af386e9c09a0e9489ec1cd55b66c65b77d22be
RMD160 (rt-4.2.10.tar.gz) = 43eae6a7d1a4710965e9926f57d27fcdfc3322cf
Size (rt-4.2.10.tar.gz) = 7628431 bytes
SHA1 (patch-Makefile.in) = d46b5cd6e9de77409ac8d6b6c172bc9dd3ed96be
SHA1 (patch-config.layout) = 1e237d38d4e3a2ad6c240feb3e58f1345c7ff476
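
Review bot: the rt-4.2.10.tar.gz entries record only SHA1 and RMD160, and MASTER_SITES in the Makefile is a plain http URL, so these digests are the only integrity check on the distfile for a security release. Please confirm the tarball was checked against the checksum or signature upstream publishes before these values were generated, and consider recording a stronger digest alongside them if the infrastructure allows.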