X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=CHANGES.txt;h=fadcbbf3fd1025cac24386da2cd222fec1204101;hb=95ad6a8ef4585ed0d84f1c5201fbe43cd71f5f7b;hp=910448e692dd9b3eedccd5ed064a5c7ae47cfb32;hpb=9b5a477a8a107293e2b83ac3545eb4d2c5ed8f16;p=roundup.git diff --git a/CHANGES.txt b/CHANGES.txt index 910448e..fadcbbf 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,12 +1,78 @@ This file contains the changes to the Roundup system over time. The entries are given with the most recent entry first. -2009-XX-XX 1.4.XX (rXXXX) +2010-07-01 1.4.14 + +Features: +- Preparations for getting 2to3 work, not completed yet. (Richard Jones) + +Fixed: +- User input not escaped when a bad template name is supplied (thanks + Benjamin Pollack) +- The email for the first message on an issue was having its In-Reply-To + set to itself (thanks Eric Kow) +- Handle multiple @action values from broken trackers. +- Accept single-character subject lines +- xmlrpc handling of unicode characters and binary values, see + http://thread.gmane.org/gmane.comp.bug-tracking.roundup.user/10040 + thanks to Hauke Duden for reporting these. +- frontends/roundup.cgi got out of sync with the roundup.cgi.Client API +- Default to "text/plain" if no Content-Type header is present in email + (thanks Hauke Duden) +- Small documentation update regarding debugging aids (Bernhard Reiter) +- Indexer Xapian, made Xapian 1.2 compatible. Needs at least Xapian 1.0.0 now. + (Bernhard Reiter; Thanks to Olly Betts for providing the patch Issue2550647.) + + +2010-02-19 1.4.13 + +Fixed: +- Multilink edit fields lose their values (thanks Will Maier) + + +2010-02-09 1.4.12 (r4455) + +Features: +- Support IMAP CRAM-MD5, thanks Jochen Maes + +Fixes: +- Proper handling of 'Create' permissions in both mail gateway (earlier + commit r4405 by Richard), web interface, and xmlrpc. This used to + check 'Edit' permission previously. See + http://thread.gmane.org/gmane.comp.bug-tracking.roundup.devel/5133 + Add regression tests for proper handling of 'Create' and 'Edit' + permissions. +- Fix handling of non-ascii in realname in the nosy mailer, this used to + mangle the email address making it unusable when replying. Thanks to + intevation for funding the fix. +- Fix documentation on user required to run the tests, fixes + issue2550618, thanks to Chris aka 'radioking' +- Add simple doc about translating customised tracker content +- Add "flup" setup documentation, thanks Christian Glass +- Fix "Web Access" permission check to allow serving of static files to + Anonymous again +- Add check for "Web Access" permission in all web templating permission + checks +- Improvements in upgrading documentation, thanks Christian Glass +- Display 'today' in the account user's timezone, thanks David Wolever +- Fix file handle leak in some web interfaces with logging turned on, + fixes issue1675845 +- Attempt to generate more human-readable addresses in email, fixes + issue2550632 +- Allow value to be specified to multilink form element templating, fixes + issue2550613, thanks David Wolever +- Fix thread safety with stdin in roundup-server, fixes issue2550596 + (thanks Werner Hunger) + + +2009-12-21 1.4.11 (r4413) Features: - Generic class editor may now restore retired items (thanks Ralf Hemmecke) Fixes: +- Fix security hole allowing user permission escalation (thanks Ralf + Schlatterbeck) - More SSL fixes. SSL wants the underlying socket non-blocking. So we don't call socket.setdefaulttimeout in case of SSL. This apparently never raises a WantReadError from SSL. @@ -33,6 +99,26 @@ Fixes: funding the fix. - Add documentation for migrating to the Register permission and fix mailgw to use Register permission, fixes issue2550599 +- Fix styling of calendar to make it more usable, fixes issue2550608 +- Fix typo in email section of user guide, fixes issue2550607 +- Fix WSGI response code (thanks Peter Pöml) +- Fix linking of an existing item to a newly created item, e.g. + edit action in web template is name="issue-1@link@msg" value="msg1" + would trigger a traceback about an unbound variable. + Add new regression test for this case. May be related to (now closed) + issue1177477. Thanks to Intevation for funding the fix. +- Clean up all the places where role processing occurs. This is now in a + central place in hyperdb.Class and is used consistently throughout. + This also means now a template can override the way role processing + occurs (e.g. for elaborate permission schemes). Thanks to intevation + for funding the change. +- Fix issue2550606 (german translation bug) "an hour" is only used in + the context "in an hour" or "an hour ago" which translates to german + "in einer Stunde" or "vor einer Stunde". So "an hour" is translated + "einer Stunde" (which sounds wrong at first). Also note that date.py + already has a comment saying "XXX this is internationally broken" -- + but at least there's a workaround for german :-) Thanks to Chris + (radioking) for reporting. 2009-10-09 1.4.10 (r4374)