Make pkglint happer
This also fixes a number of security issues:
http://www.securityfocus.com/archive/1/425584/30/0/threaded
> Version 2.20.1
> --------------
>
> + Many PostgreSQL fixes, including fixing whine.pl on Pg 8
> (bug 301062) and fixing the --regenerate option of collectstats.pl
> for all versions of Pg (bug 316971). However, users who want full
> PostgreSQL support are encouraged to use the 2.22 series, as
> certain PostgreSQL bugs were discovered that will not be fixed
> in 2.20 (their fixes were too complex).
>
> + In Bugzilla 2.20, the "administrator" user created by checksetup.pl
> would not ever be sent email, because their email preferences were
> left blank. This has been fixed for 2.20.1. However, if you created
> this administrative user with Bugzilla 2.20, make sure to go back
> and enable their Email Preferences. (bug 317489)
>
> + The bzdbcopy.pl script mentioned in these release notes
> has now actually been checked-in to the 2.20 branch, and so
> it's included in this release. (bug 291776)
>
> + When there's only one Classification, you now won't be required
> to pick a Classification on bug entry. (bug 311489)
>
> + You can no longer add dependencies on bugs you can't see.
> (bug 141593)
>
> + The CC list is included in "New" bug emails, again. (bug 313661)
>
> + In the original 2.20, certain scripts were not correctly using
> the "shadow database," if it was specified. This has been fixed
> in 2.20.1. (bug 313695)
>
> + "Saved Searches" that were saved before Bugzilla 2.20, would throw
> an error if they contained "Days Since Bug Changed." as part of their
> criteria. This has been fixed in Bugzilla 2.20.1. (bug 302599)
>
> + You can now successfully delete a product even when Target Milestones
> are turned off. (bug 317025)
>
> + checksetup.pl now correctly pre-compiles templates for languages other
> than English. (bug 304417)
>
> + The "All Closed" chart that is created by default in New Charts
> now actually represents all closed bugs, and not all bugs in the
> product. (bug 300473)
>
> + CSV bug lists with more than 1000 dates now work properly. (bug 257813)
>
> + Various bugs with upgrading from previous versions of Bugzilla
> have been fixed. (bug 307662, bug 311047, bug 310108)
>
> + Many, many other bug fixes. See http://www.bugzilla.org/status/changes.html
> for details on what was fixed between 2.20 and 2.20.1.
From the release-notes.html:
What's New?
New User-Interface Color/Style
Higher-Level Categorization of Bugs (above "Product")
Regular Reports by Email of Complex Queries ("Whining")
"Environment Variable" Authentication Method
User-List Drop-Down Menus
Server-Side Comment Wrapping
UI for Editing Priority, OS, Platform, and Severity
Bugzilla Queries as RSS
Choice of E-Mail Sending Methods
"Large Attachment" Storage
and lots of Miscellaneous Improvements
See http://www.bugzilla.org/releases/2.20/release-notes.html for
all the details.
"Two security issues have been reported in Bugzilla, which can be
exploited by malicious people to disclose system and potentially
sensitive information."
See http://www.bugzilla.org/security/2.18.4/ for more details.
- Update addresses two security issues
- From the ChangeLog:
> Version 2.18.2
> --------------
>
> + You can now create accounts with createaccount.cgi even
> when the "requirelogin" parameter is turned on. (Bug 294778)
>
> + Bugs that are in disabled groups may not show a padlock
> on the bug list, or may otherwise behave strangely. You
> can now fix this using sanitycheck.cgi. (Bug 277454)
>
> + If sendmail dies while you are marking a bug
> as a duplicate, the duplicates table will no longer become
> corrupted. (Bug 225042)
>
> + Any user can change a flag on any bug. This also allows the
> attacker to expose the summary of any bug, even a hidden bug.
>
> + Summaries of private bugs are sometimes exposed under a very rare
> condition if you use MySQL replication.
>
> Version 2.18.3
> --------------
>
> + The query.cgi page was broken in 2.18.2 by bug 300138.
> That is now fixed.
by taken care of by pkgsrc infrastructure anyway.
- The problem is that checkconfig.pl thinks File::Spec v0.90 is v0.9
and complains that the version installed is too old.
- Problem reported by Brandon Adams <brandon.adams@omron.com> on tech-pkg@
- Two "Information Disclosure" security bugs fixed
- From the ChangeLog:
> + You can now enter a negative time for "Hours Worked"
> in the time-tracking area. (Bug 271276)
>
> + The BugMail.pm customization required for Windows (as
> described in the Bugzilla Guide) now actually works. (Bug 280911)
>
> + Users who were using Bugzilla 2.8 can now successfully upgrade
> to 2.18.1 (they couldn't upgrade to 2.18). (Bug 283403)
>
> + Dependency mails are now properly sent during a mass-change of bugs.
> (Bug 178157)
Tracking Systems allow individual or groups of developers to keep track of
outstanding bugs in their product effectively. Most commercial defect-tracking
software vendors charge enormous licensing fees. Despite being "free", Bugzilla
has many features its expensive counterparts lack. Consequently, Bugzilla has
quickly become a favorite of hundreds of organizations across the globe.
What Does Bugzilla Do?
- Track bugs and code changes
- Communicate with teammates
- Submit and review patches
- Manage quality assurance (QA)
Bugzilla can help you get a handle on the software development process.
Successful projects often are the result of successful organization and
communication. Bugzilla is a powerful tool that will help your team get
organized and communicate effectively.
