Commit graph

71 commits

Author SHA1 Message Date
wiz
d2ca14a3f1 Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.
2013-05-31 12:39:57 +00:00
spz
8dc0e467bf security update for RT3, fixing:
CVE-2013-3368
    CVE-2013-3369
    CVE-2013-3370
    CVE-2013-3371
    CVE-2013-3372
    CVE-2013-3373
    CVE-2013-3374

It also includes a database upgrade, so please make sure to run `make
upgrade-database`.

Changes in detail are:
3.8.15->3.8.16:
ruz 	stop RT from locking on "large" mails
ruz 	make sure data is recorded (tests)
alexmv 	Remove bogus argument to ->get(), which fail on HTTP::Message >= 5.05
alexmv 	Ensure that tickets are destroyed before global destruction, in more
alexmv 	Work around a bug in perl < 5.13.10 with open($fh, ">:raw", \$string)
sunnavy destroy more tickets and objects before global destruction for modern
tsibley Remove the "signature" paragraph from the README's explanation of RT

3.8.16->3.8.17:
alexmv 	Ensure that filenames in inline image attributes are HTML-escaped
alexmv 	Deny direct access to callbacks
alexmv 	Protect calls to $m->comp with user input in ColumnMap
alexmv 	Ensure that subjects cannot contain embedded newlines
alexmv 	Remove filename= suggesions from Content-Disposition lines
alexmv 	Ensure consistent escaping of filenames in attachment URIs
alexmv 	Ensure that URLs placed in HTML attributes are escaped correctly, to
	prevent XSS injection
alexmv 	Ensure that the default replacement does not pass through unescaped
	content
alexmv 	Use File::Temp for non-predictable temporary filenames
2013-05-26 16:55:53 +00:00
spz
bad1a22fea Update to the latest version in the rt3 train. Contains security updates:
3.8.15 Release Notes

   This release resolves a number of security vulnerabilities.
   It resolves CVE-2012-4730, CVE-2012-4732, CVE-2012-4734, CVE-2012-4735,
   and CVE-2012-4884.

   In addition to these security fixes, RT 3.8.15 contains support for
   partitioned PGP messages.

  3.8.14 Release Notes

   This release contains two fixes related to the 3.8.12 security release.

   Access to search results URLs is now CSRF whitelisted, based on user
   feedback.
   An error in rt-email-dashboards has been corrected.

  3.8.13 Release Notes

   This release contains an important bugfix over the 3.8.12 security
   release:

    * Fix sending email with the 'perl-script' mod_perl handler, by
      ensuring that STDIN was always on FD 0 before calling IPC::Open2.
      This failure showed as either SIGPIPE or abnormal exit codes when
      running sendmail.

    * Fix for "Undefined value assigned to typeglob" and "Bad file
      descriptor: core_output_filter" errors caused by the above change, by
      ensuring that both FD 0 and FD 1 are prevented from being claimed by
      Apache.  This error only arose with the perfork MPM and mod_perl <=
      2.0.4.
2012-10-31 20:39:26 +00:00
wiz
8b5d49eb78 Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.
2012-10-03 21:53:53 +00:00
sbd
ce39ceec63 Change 'pax' to '${PAX}', because 'pax' may not exist if using nbpax. 2012-09-25 07:08:22 +00:00
spz
b7c15a9cf9 Update RT to version 3.8.12:
Changes from 3.8.11 to 3.8.12:
    This release, in addition to being a bugfix release, also resolves a
    number of security vulnerabilities.  It resolves CVE-2011-2082,
    CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
    CVE-2011-4459, and CVE-2011-4460.

     * Upgrade prototype.js to version 1.7, for compatibility with google
       charts.
     * Remove ie7.js, which is no longer used.
     * Ensure that TransactionBatch scripts are only run once.

Changes from 3.8.10 to 3.8.11:
    This release contains a number of bugfixes and minor security updates
    since the 3.8.10 release, most notably:

     * Adjust FCGI dependency to one which resolves FCGI's CVE-2011-2766

     * New WebHttpOnlyCookies option, enabled by default, which hides RT's
       cookie from direct Javascript access.

     * Compatibility with perl 5.12 and 5.14, by removing deprecated "for
       qw(...)" and "defined %hash" syntax.

     * MySQL 5.5 compatibility, by specifying ENGINE=InnoDB rather than
       TYPE=InnoDB

     * Ensure that RT::Interface::Web's _Overlay, _Local, and _Vendor files
       are loaded correctly.

     * Fix session cleaner for on-disk sessions, broken since 3.8.0.

     * Ensure that only one "Based on" attribute is stored for each custom
       field.

     * Fix the loading of Shredder plugins, broken in 3.8.10.
2012-05-25 19:55:43 +00:00
spz
814e9daf2a make rt deal with perl 5.14 2011-10-25 19:38:09 +00:00
spz
168a945b0c Upstream announce message:
This release, in addition to being a bugfix release, also resolves a
number of security vulnerabilities.  It resolves CVE-2011-1685,
CVE-2011-1686, CVE-2011-1687, CVE-2011-1688, CVE-2011-1689, and
CVE-2011-1690.

* Cleanups identified by perlcritic.
* Clear the system attribute cache to avoid 'sticky' attributes like
  the queue subject tag.
* Fix our signature escaping so we better match FCKEditor and don't
  misidentify signatures during processing.
* Add the ability to create BasedOn Custom Fields from intiialdata
* Provide a callback to affect the display format in admin pages
* Fix id prefixing on Custom Fields to be RTIR compatible
* Fix #16656 - Requestors with OwnTicket could show up in the owner list
  in other Queues.
* Don't attach the original multipart mail to notifications that already
  contain one part of it.
* Work around CGI.pm 3.51 and 3.52 which add ; charse=ISO-8859-1 to our
  utf-8 encoded javascript.
2011-04-16 09:41:19 +00:00
adam
76fec1155f init also requires --datadir 2011-04-14 12:42:56 +00:00
spz
28483f6d36 add a missing file, fix a few paths 2011-02-27 17:05:57 +00:00
spz
0c8708b982 Update of rt3 to version 3.8.9
Changelog:

SECURITY

* Move to a SHA-256 based password hashing scheme
* Redirect users to their desired pages after login.
  This prevents possible back button attacks after a user logs out.
* Clone Scrip's TicketObj since we change the CurrentUser and it can
  leak information (Custom field values, etc)

INSTALLATION

* Fixes to the RH Layout in config.layout

ACCESS CONTROL

* New AdminCustomFieldValues right that allows user to add/remove
  CF values, but not edit the CF

CONFIGURATION

* Add ResolveDefaultUpdateType to choose between Comment or Correspond
  on Resolve
* When using Set($MailCommand, 'testfile') log all mail to the
  same tmpfile
* Add a callback to allow extensions to redirect a user to an external
  auth logout URL using RT's logout button. This ensures that the user's
  RT session is cleared
* Add SuppressAutoOpenOnUpdate preference

DOCUMENTATION

* Clean up README
* Update UPGRADING.mysql documentation for users of older mysql
* Flag that "Let this user be granted rights" means "Privileged"
* Fix rt-crontool examples to use a real Condition
* Undocument SenderMustExistInExternalDatabase since the code was
  never merged
* Better document SetOutgoingMailFrom
* Better document shrink_cgm_table.pl

DATABASE

* Add support for Postgres 9
* No longer record transactions for ACL Equivalence Groups
* Don't delete all RT MySQL ACLs before invoke GRANT
* Quote database name for GRANT on MySQL
* Insert extensions' schema and acl files as the DBA
* Fix searches for empty Attachments on Oracle

EMAIL

* Better handling of mail generated by Outlook
* When RT's SendmailCommand fails, record it in ticket history
* New GPG tests and bugfixes for corner cases
* use EmailOutputEncoding for Content-Type.charset
* Handle failures in MIME Encoding better
* Small bugfixes for text/html templates
* Fix MIME decoding on ticket subjects
* Remove stray colons and whitespace in the default Admin Comment
  template

USER INTERFACE

* Fix an infinite loop when using the 3.4-compat theme
* Fixes to CollectionList sorting
* css positioning tweaks for page menus
* Fixes for Bulk Update when users click 'Add More Files'
* Skip all watchers when offering to add CCs as Watchers
* Fix ahah.js to handle more than one CF 'Include page' link
* Ensure that Nobody is always at the front of the Select Owner list
* Link Basics in SelfService to the Update page
* Fix toggling js to only run once
* Ensure signatures are included in Jumbo edits
* Better identify (in the UI) a misconfigured GPG setup
* GPG key management UI updates
* Add classes/ids to the Custom Field Editing pages
* CSS Fixes for preferences widgets
* Fix truncated top values on Charts
* Wording and layout changes for the 'update password' widget
* Ensure that we keep Anchor tags on redirects
* Fix loading a new search on the Chart/Graph pages
* Change Attachment size label from Bytes to Megabytes
* Respect timezones in timestamps in /Approvals/
* Charset fixes for Ticket Attachment downloads
* Bar graph fixes for large numbers of bars
* Allow a callback on QuickCreate to pass a default Status
* Fix Approvals to make one search for approval tickets that distincts
  and orders them
* Link from Group Membership lists to User admin pages
* New callbacks (autohandler, default queue, aborting ticket updates,
  after requestor on create)
* Fix non-local local links and add t: syntax
* Editing Transaction custom fields now shows errors inline
* Use the ShowUser element more consistently across the UI

TOOLS

* Improvements to extract-message-catalog (translation tool)
* Let shrink_cgm_table and shrink_transactions display "percent complete"
* Added a simple script to naively generate a RTAddressRegexp
* Install rt-attributes-viewer originally shipped with 3.8.8
* bin/rt now searches for global configs in LOCAL_ETC_PATH also

OTHER BUG FIXES

* No longer refuse to start if you upgraded from a version of RT that
  allowed you to have invalid Scrips
* Handle broken Reminders links when users change their Organization
* Trim whitespace from CustomFieldValues consistently
* RFC2616 dates are always in UTC
* Scrips can no longer have an empty Condition, Action or Template
* make multi-value REST fields separated with commas ignore spaces
* Localize ENV changes under mod_perl
* Don't page group memberships for a User
* Skip disabled Queues when a Simple Search term matches a Queue Name
* Add TransactionObj to CreateTickets templates to match the docs
* Fix the use of Tickets_Local.pm in rt-email-dashboards and rt-crontool
* Escape more characters in graphviz output
* Fix message when you fail to delete a saved search to tell you
  Permission Denied
* Include Rules with Scrips when previewing recipients
* Ensure that distribution upgrades that break Scalar::Util show up in
  apache logs
* Fix warnings on empty Collection List headers
* Log errors from safe_run_child
* Refuse to run if webmux.pl and RT.pm are mismatched
* Actually log the error that caused "Can't load a principal for id #"
* Switch to using $Approver->Name in templates since an AdminCc can
  approve
* Allow fastcgi_server to specify a port
* Guard against SavedSearches with no content
* Ensure our output is always flagged as utf-8
* Allow queries like "Priority > -2"
* Fixes to Private/Public key methods
* Return 'set private key' from SetPrivateKey, not 'unset private key'
* Protect STDOUT under mod_perl - among other things, this fixes
  Scrips that use system()
* Fix forwarding of messages without a top level textual part
2011-02-26 20:58:15 +00:00
spz
5a4469c01f update to version 3.8.8, partially by sno@
Upstream Changelog:

NEW FEATURES AND MAJOR CHANGES

* Aaron Sigel performed a security audit of RT and pointed out
  a number of potential improvements which have been addressed

* Charts improvements

    * Time-based charts can now show "hourly" goupings.
    * ChartFont option is now hash with font per language.
    * Two default fonts are shipped with RT to cover most
      supported languages.
    * The table of chart results now contains links to tickets
      matching a given row.
    * Timezones support, but protected with config option.
    * Better scaling of Y axis.
    * X axis labels are now vertical if there is not enough
      space to display them horizontally.

* RTAddressRegexp option improvements

    * No default value anymore.
    * If no value is set then RT will attempt to calculate the right value
      from the user-defined queue addresses.
    * On create/update/people pages RT now checks addresses
      users enter and stop users from entering known
      addresses for RT queues.

* Admin UI improvements

    * Improved display of the "About this RT" page.
    * More pages in the Admin UI have been switched to generic
      code to list objects (like tickets in search results)
    * Display formats for these objects are now configurable
      in the config file (%AdminSearchResultFormat)
    * More columns in column maps for objects other than
      tickets.

* Custom fields ordering and application improvements

    * Queue specific custom fields now can be placed above
      global, below or even in the middle. Order of global
      custom fields stays the same in all queues, but a custom
      field that is applied to particular queues can be placed
      differently in each queue.
    * Make it possible to apply a CF globally from 'Applies To'
      page.
    * RT no longer allows you to apply a CF globally and to queues
      at the same time. When CF is applied globally it is
      un-applied from specific queues first.

* Refactored simple (googleish) search

    * new options in the config to control defaults
    * new keywords to search for particular things

* RSS feeds now contain embedded single-query authentication strings
* We've Introduced a config option to prevent adding the
  RT-Originator header in outgoing mails.
* New MessageBoxIncludeSignature* options
* LogoutRefresh config option to control how long to wait
  before going back to login
* New config option for AttachmentUnits
* New config option for AlwaysDownloadAttachments
* RT now requires your current password to change any password
* Improved LinkValueTo and returned back functionality

    * if LinkValueTo starts with __CustomField__ then don't
      escape it, but make sure it's not a JS link
    * escape links using HTML escaping
    * don't wrap into <a> with empty href if link is empty

* Added DefaultMailPrecedence and DefaultErrorMailPrecedence
  config options
* Squelch watchers on update. This makes doing silent
  Updates possible
* New web handler: bin/fastcgi_server
* Refactored Elements/ShowUser so it's easy to add custom
  formats. Several performance improvements in this code.
* MERGE_CACHE to cache information about merged tickets and
  lower logs and DB impact on re-checks
* Made NotifyActor into a User Preference
* If the MIME entity has header X-RT-Squelch, do not send
  the message
* Improved print layouts
* Serve images in js and css dirs as static files,
  so browsers cache them more agressively
* Added HasAttribute and HasNoAttribute to TicketSQL
* New faster and less memory hungry TicketsMaps - First, Prev,
  Next and Last links when you view tickets from the current
  search. Size is now limited by a new config option. Floating
  window is used to build the links.

CLEANUPS AND SMALL IMPROVEMENTS

* Updated doc/Security with more modern security tips
* Made the plaintext mono feature work in IE.
* Better timezone handling in Tools/Reports/ResolvedByDates.html
* Make sure we don't serve files outside RT's paths
* Additional checks to make sure that credentials
  are sent to RT on Login
* Moved CustomField column map from tickets' to generic
* Make height, width, href and alt of the logo configurable
* Load as much as possible when a web-handler with forks
  is used, this increase memory sharing across processes
* A link provided for approvals templates to whoever worked
  the approval
* Global __WebRequestPath__ and __WebRequestPathDir__
  column map entries
* Process custom fields in ModifyDates.html
* Handle Ccs and AdminCcs of the queue in SkipNotification
  feature
* Sort callbacks within a root only, respect plugins
  order
* Add some wording to the check boxes on the reply pages
* Reduce whitespace on bottom of boxes as was earlier
* Use smaller margin for reminders display to save space
* Use a reasonable length for scrip descriptions
* Removed a lie about RT CLI still being "unsupported"
* User friendlier errors handling thrown by Calendar::Simple
* Split some CSS from themes into base/xxx.css
* Googleish search was making incorrect assumptions
  about RT::User and RT::Group's Load function
  returning a boolean not a list. This was throwing
  (harmless, but ugly) errors.
* Don't apply order on collections if sorting is not
  allowed
* Removed the "URL" parameter to 'Logout' as it had no
  legitimate use.
* make instal and testdeps tests to avoid some versions
  of modules that are known to be buggy or incompatible,
  for example DBD::Oracle 1.23

BUG FIXES

* properly use AND/OR when content is searched and
  DontSearchFileAttachments option is enabled
* Make sure Merge only possible when user has Modify
  right on both tickets
* Fixes for UseSQLForACLChecks option, it was possible
  to construct a query and see tickets an user has no
  right to see. Lots of tests have been added to make
  sure it wouldn't happen again.
* SQL used for ACL checks has been refactored to get
  more effective queries. Especially when list of
  potential owners is built for the query builder.
* Unified API for tables with disabled column and
  fixes when ->Count could return bigger value
  when some CFs are disabled.
* I18N was transcoding attachments to UTF-8 one line
  at a time. This doesn't work at all for UTF-16 and
  probably other encodings.
* Fixed encoding problem when loading a dump file
  produced by rt-dump-database.
* A closing </li> was missing in PreviewScrips comp
* Fixed config loading when Fcntl module or other exporting
  symbols is loaded. Load was failing with "Not a SCALAR
  reference" error.
* Returned back effective SQL when searching by CFs with
  = or != operator
* Fixed error on login when user make mistake in password
  and he entered character out of ASCII range.
* Honor a user's MessageBoxRichTextHeight setting
* Fixed query builder behaviour with NULLs and '' (empty values)
* Fixed potential information loose on incorrect GnuPG mails
* Fixed display-all-rows in Dashboards
* Fixed JS escaping issues
* Set context object in OCFV::CustomFieldObj
* Sessions ended up in /tmp/ in some cases
* Fixed safe_run_child when code dies between fork and exec,
  deals with "mysql server has gone away" error
* fix Jumbo reloading and losing message content
* Stop infinite looping when you have global custom
  fields and no Queue restriction
* Fixed sorting of custom fields in Results.tsv
* Set of fixes for Unicode characters in emails
  and tests covering these changes
* Don't create handles we don't need, we can hit limit
* Prevent servers using GnuPG from running out of file handles

TRANSLATION

Updates merged from launchpad and two new languages: nn.po
and pt_PT.po. Thanks to all contributors.

CALLBACKS

* AboutThisUser in ShowPeople box
* Between the GnuPG and message rows
* AfterSubject
* Before and After CustomFields
* Before and After TransactionCustomFields
* AfterAddress in PreviewScrips
* At the top of ticket summary columns
* For adding links for attachment downloads
* At the bottom of the logout box
* Pass more information to the FormStart callback
  in Ticket/Update.html
* AfterMessageBox on ticket create page
* ShowTransaction/AfterAnchor
* In EditDates and ShowDates
* Pass a reference to the signature in MessageBox's callback
* For inserting text after the transaction's description
* AfterUpdateType in Jumbo.html and Update.html
2010-09-17 21:41:54 +00:00
spz
2d964d68aa perl FCGI 0.69 onwards is more picky about the strings it gets.
Thus, if you feed it perl strings with utf-8 you get a complaint about
wide characters in the string.
The new patch-ac contains a fix.
2010-04-13 21:06:30 +00:00
spz
82bfd109ba improve gnupg handling 2010-03-14 13:12:04 +00:00
spz
9b6cc1782b update maintainer (*brrr* :)
Update to next version (thanks to Frederic Jaeckel for the prod).
The upstream changelog is:

* Stop old DateTime or DateTime::Locales from exploding in Preferences
* Move all JS for hierarchical CFs onto derivative field; remove DerivativeCFs
  method
Fix bug on Oracle when selecting against a CLOB
* Call the method on the object, not the username string (Reported by
  Philip Shore)
Fix error when using WebExternalAuth and setting user info
* When using WebExternalAuth don't issue a new session cookie on each request
Fix lost attachments when using WebExternalAuth. WebExternalAuthContinuous
can be set back to 1
* Mention missing index that was only added to upgrade scripts
* fixes for PlainTextMono config option introduced in 3.8.6
* fixes for updating charts and dashboards
* delete links from Bulk Update
2010-01-17 15:45:54 +00:00
spz
06097645aa update of rt3 to next version (without the session hijacking vulnerability)
upstream changelog:
UPGRADING FROM 3.8.5 and earlier - Changes:

You can now forward an entire Ticket history (in addition to specific
transactions) but this requires a new Template called forward ticket.
This template will be added when you run.

/opt/rt3/sbin/rt-setup-database --dba root --prompt-for-dba-password --action upgrade

Custom fields with categories can optionally be split out into
hierarchical custom fields.  If you wish to convert your old
category-based custom fields, run:

    perl etc/upgrade/split-out-cf-categories

It will prompt you for each custom field with categories that it
finds, and the name of the custom field to create to store the
categories.

If you were using the LocalizedDateTime RT::Date formatter from code
and passing a DateFormat or TimeFormat argument, you need to switch from
the strftime methods to the cldr methods (ie full_date_format becomes
date_format_full)
You may have done this from your RT_SiteConfig.pm by using
Set($DateTimeFormat, { Format => 'LocalizedDateTime', DateFormat => 'medium_date_format' );
2009-12-04 09:30:20 +00:00
spz
175a28bdea security update (lesser impact) to version 3.8.5 2009-09-15 23:15:58 +00:00
spz
471adca199 where env PATH is being set for security reasons, have it include $PREFIX/bin
pointed out by "Peter C. Lai" <peter@simons-rock.edu>
fixes PR 41571
2009-07-29 05:25:33 +00:00
spz
57354c3c8c security update to version 3.8.4 2009-06-21 15:31:39 +00:00
joerg
7fdde28ea5 Convert @exec/@unexec to @pkgdir or drop it. 2009-06-14 18:48:07 +00:00
joerg
bacea7cad5 Remove @dirrm entries from PLISTs 2009-06-14 17:48:39 +00:00
abs
2482ac6fc5 Switch p5-Time depends to p5-Time-modules 2009-06-09 17:34:50 +00:00
tonnerre
4f25b30a45 Add some missing dependency entries and update some outdated versions.
PKGREVISION++ so people get it.
2008-08-24 14:05:16 +00:00
tonnerre
694bbd4154 Update rt3 to version 3.8.1 (from 3.6.6). Changes are:
* New visual style (web2).
 * Rich text mails.
 * Email signatures and encryption.
 * User settings for:
   - Ticket history ordering.
   - Timezones.
   - Date and time format.
   - Username format.
   - Default queue.
   - Size of message text boxes.
 * Charts of ticket relationships.
 * Breeze through upgrades with new upgrade tools.
 * Subscribe to iCalendar feeds of ticket due dates.
 * Bookmark frequently-used tickets.
 * Turn off mail from RT when you go on vacation.
 * Get your mail from RT as a daily or weekly batch.
 * Delete historical or spam tickets with RT::Shredder (only as a superuser).
 * Set up more configurable business rules with new Scrip Conditions and
   Actions.
 * Forward tickets to third-parties from within RT.
 * Enable and Disable RT extensions with the new Plugins system.
 * Automatically log out inactive users with rt-clean-sessions.
 * Run faster with less memory, thanks to numerous  performance improvements
   and bug fixes.
 * Fixed a potential HTML injection attck via user's properties.
 * Better support for installation on Solaris and FreeBSD (non-GNU make).
 * Updates to documentation and scripts for upgrading from MySQL 4.0
 * Updated upgrade documentation for the new Queue Tag and bookmarks features.
 * Multiple bugs in iCal support fixed.
 * Backwards compatibility fixes for extensions developed against 3.6
 * Added support for external links in tabs and targets.
 * Addition of a new callback before ticket creation so you can implement
   custom validation or stop creation for another reason.
 * Missing documentation to external authentication configuration variable
   in bin/rt and make it possible to set it via ENV.
 * Merged method in RT::Ticket.
2008-08-23 23:58:29 +00:00
seb
7099d21a97 RT's installed script PREFIX/sbin/rt-dump-database needs the Perl Module
XML::Simple. Hence add a dependency on p5-XML-Simple package.

While here ensure that PREFIX/{bin,sbin} are created during install phase.

Bump PKGREVISION to 4.
2008-07-23 18:00:55 +00:00
joerg
3d8ef5a52d Second round of explicit pax dependencies. As reminded by tnn@,
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.
2008-05-26 02:13:14 +00:00
cube
29b9319b25 Drop maintainership of RT-related packages. I am no longer maintaining a
RT installation.  <small>What a relief!</small>
2008-04-30 10:20:20 +00:00
cube
c551f161eb Make dependencies match reality (notably for the minimal version of
critical packages such as DBIx::SearchBuilder), including removing no
longer needed ones.

Bump PKGREVISION.
2008-04-30 10:13:37 +00:00
jlam
841dfa0e7a Convert to use PLIST_VARS instead of manually passing "@comment "
through PLIST_SUBST to the plist module.
2008-04-12 22:42:57 +00:00
wiz
30522208b4 Fix typo in @dirrm. Bump PKGREVISION. 2008-03-24 21:55:36 +00:00
tonnerre
f8c06191f1 Add rt upgrade dir for upgrades from versions lt 3.5.1
Approved-by: gavan, cube
2008-03-22 18:44:44 +00:00
tonnerre
d3f38f08b6 Update rt to version 3.6.6
Significant changes:
 - Reminders (remind of taking actions on an inactive bug at some point)
 - "Googleish" simple searches
 - Email input completion
 - Revamped theme engine
 - Support for UTF-8 password
 - Many more translations
 - Various Bugfixes

Approved-by: cube
2008-03-16 20:47:03 +00:00
cube
433b2815fa Pull up a change from 3.6.5 to support MIME-tools > 5.420.
PR#37372 by Jon Bailey.

No version bump:  riding the update 5 minutes ago.
2007-11-13 02:52:06 +00:00
cube
b50c15d7a9 Update to version 3.4.6.
Features:

New config option 'OldestTransactionsFirst'.
By default, RT shows newest transactions at the bottom
of the ticket history page, if you want see them
at the top set this to 0.

Email plugin may return special constant to indicate
that it's done requested action and RT shouldn't
run default action handling code.
See also RT::Interface::Email.

Added support for timezones in RT::Date::SetToMidnight
method, this allowed us to fix problems with searches
by date.

Applied David Schweikert's patch that adds the useful
LastUpdated field to the fields returned through
the REST interface.

Added a "RH" RedHat layout option to config.layout.
Thanks to Paulo Matos.

New command line options in the rt-crontool script:
* add --transaction argument with two possible
   values: 'first' and 'last'
* add --transaction-type argument to allow a user
   to select type of transaction, for example
   'Correspond' or 'Comment'.
With these changes crontool can send notifications
and other actions which need access to transaction
object.

New callbacks in html/Ticket/Elements/ShowSummary:
LeftColumn and RightColumn.

Display a custom field value without lists HTML markup
when a ticket has only one value for the custom field.

Add additional HTML classes to the cells in
Ticket/Elements/ShowBasics and Ticket/Elements/ShowDates
mason templates.

Fixes:

Don't die any more on error during custom fields
creation in rt-setup-database, but report and
continue with next object.

Dropped 'exit' call in exceptions handling code.

Fixed untake operation during tickets transfer
between queues when an owner has no right to own
the ticket in the destination queue and the
current user is different person. Note in new
implementation we write untake tansaction from
RT_System user.

Fixed problem when RT were failing with error:
"Couldn't call method IsLocal on undefined value".

Got rid of some noisy warnings and cleaned up
some code.

Fixed attchments loosing during next steps:
     1) open ticket #1
     2) click reply
     3) upload attachment
     4) open ticket #2 in another browser window
     5) send reply to the ticket #1
RT was loosing uploaded attachment due to step 4) as RT.

Finding disabled groups should actually find them, now.

Fixed `rt ls -l` when RT server isn't at /.
Thanks to Mark Eichin.

Reed Loden caught a perltidy error that, somewhat
terrifiyingly, was still a valid mason page.

People may saw error "Could not convert attachment
from assumed utf8 to ''" in the log. We don't even
try to convert any more when target encoding is empty.

Fixed maxsize attribute of input fields for subject.
In DB we have limit 200, but these tags were set to
old value of 100.

Backported fix for TimeTaken updates. RT could call
method _UpdateTimeTaken on record objects that have
no such method.

Fixed RT failures under mod_perl2 with Oracle database.

In QuickCreate element now we use SelectNewTicketQueue
instead of SelectQueue.

Fixed problems on server start up with error message
'Not root path(s) specified'.

Now we load only required regular expressions from
Regexp::Common namespace.

In RT::Tickets::_EnumLimit now we load referenced object
only if value is defined and is not number, this avoid
several fetches from caches or in worst case from DB.
Use this advantage in Quicksearch element, change in
"RT at glance" load time should be noticable on systems
with many queues.

Added handling for all possible errors in
the RT::Action::SendEmail module.

Improved handling of errors in the RT::Template class.

In the RT::Group method 'crit' was being called on
the wrong object. Thanks to Todd Chapman

Allow an administrator to add 0(zero) as a custom field
value.

Fixed decoding of MIME headers, this chould should fix:
* problems with non-ascii names of attachments
* problems with partly encoded fields with '=' chars
   in not encoded parts, for example:
     X-MyHeader: key="plain"; key="=?encoded?="
     X-MyHeader: key="=?encoded?="; key="plain"

Fixed RT::Transaction::OldValue and ::NewValue in situations
when values of {Old,New}Reference fileds are false. You may
saw effect of this bug in a ticket's history saying that
custom field value was changed from "random" value to the
XXX instead of expected "custom field was set to XXX value".

Todd Chapman discovered a case where RT's mail gateway would
default to the RT::SystemUser if no valid 'From' header were
found. This could allow a malicious user to create tickets or
reply to tickets, but not to gain access to data.

Localization:

Updated German translation. Thanks to Torsten Brumm.
2007-11-13 02:40:06 +00:00
cube
23aea700c0 Reap undead patches. 2007-08-09 20:57:18 +00:00
jlam
4390d56940 Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-07-04 20:54:31 +00:00
wiz
0697770977 Replace perl interpreter in some files. From Sergey Svishchev. 2007-05-19 14:05:45 +00:00
cube
207e4583d6 Don't install rt-crontool twice. Apparently Linux's install is not happy
about that.

Pointed out by Hugh Brown in pkg/35518.
2007-01-30 07:10:46 +00:00
rillig
bdba6495e7 Made the dependency to SpeedyCGI optional, disabled by default. Bumped
PKGREVISION.
2006-10-01 18:44:57 +00:00
rillig
d645248346 Depends on SpeedyCGI to resolve the path to the interpreter correctly.
Fixed the permissions of the installed files. Bumped PKGREVISION.
2006-10-01 14:24:30 +00:00
cube
0224caf2b6 Remove dependency on Apachte::Test. It's not really necessary and cause
dependency headaches because of mod_perl2.

ok'd by wiz@ during freeze.
2006-09-29 23:38:46 +00:00
cube
bd04f30a31 Add USE_TOOLS+=perl:run, which is kind of required from now on for packages
using Perl.  It makes rt3 configure again.

Bug reported by schmonz@, fixed by jlam@.
2006-07-07 21:32:35 +00:00
seb
10353c0828 Install sbin/rt-dump-database script.
Apply fix from
http://svn.bestpractical.com/cgi-bin/index.cgi/bps/revision?rev=5218
<< * get rid of "masks earlier declaration" warnings >>

Bump PKGREVISION to 1.

Approved by MAINTAINER.
2006-06-03 10:40:34 +00:00
cube
815638bde5 Fix RT_I18N_DIR, which unbreaks devel/RTFM. No bump required because only
RTFM uses that value.
2006-05-06 07:14:45 +00:00
cube
2ec97b6708 Update rt3 to version 3.4.5. This is _not_ an easy update, although the
changes are apparently minor to a end user (but not for the site
administrator).

It'd very hard and very long to provide a full list of changes.  The main
changes in RT 3.4 are a complete rework of how Custom Fields are handled,
which means there is a lot more flexibility in that area now (including
Custom Fields for users, per-queue, per-transaction).  RT 3.4 is also
supposed to be faster, which certainly is no bad news.

Another bonus of RT 3.4 are the availability of extensions, and I will
commit RTx::Shredder and RTx::RightsMatrix very soon.

Updating RT is not an easy task, be sure to backup your database, and don't
forget to grant the new rights to relevant people.

In pkgsrc, rt3 is also seeing a few changes.  The main one is the situation
of the "local" path, which is now set to /var/rt3, which seems less lame to
me than the previous value.  It could be debated, though.
2006-05-01 09:38:08 +00:00
cube
3ce0b3e617 Depend on either ap2-perl or p5-Apache-Test (defaulting to the latter of
course) for Apache::Test, as both provide it.
2006-04-19 17:21:35 +00:00
joerg
2596e3a639 Correct use of OWN_DIRS vs. REQD_DIRS. 2006-04-12 20:05:19 +00:00
jlam
daad0f3d6c Modify the pkginstall framework so that it manages all aspects of
INSTALL/DEINSTALL script creation within pkgsrc.

If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts.  If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:

	INSTALL_SRC=	${PKGDIR}/INSTALL
	DEINSTALL_SRC=	# emtpy

As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts.  By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).

In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework.  The only public variables relating to the templates are:

	INSTALL_SRC		INSTALL_TEMPLATE
	DEINSTALL_SRC		DEINSTALL_TEMPLATE
				HEADER_TEMPLATE

The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
2006-03-14 01:14:26 +00:00
joerg
5911def816 Recursive revision bump / recommended bump for gettext ABI change. 2006-02-05 23:08:03 +00:00
wiz
768c589c29 Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 because
of the shlib major bump.
PKGREVISION++ for the dependencies.
2006-01-24 07:31:52 +00:00