diff --git a/CHANGES.txt b/CHANGES.txt
index ab4629e0497d472f435117c9f1ae05bb27e1a6ed..7cafd2b38f3334fb3e89fedfc65d761a20bbde1a 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
This file contains the changes to the Roundup system over time. The entries
are given with the most recent entry first.
-2009-XX-XX 1.4.XX (rXXXX)
+2009-12-XX 1.4.11 (rXXXX)
+
+Features:
+- Generic class editor may now restore retired items (thanks Ralf Hemmecke)
Fixes:
- More SSL fixes. SSL wants the underlying socket non-blocking. So we
the tracker->web variable. Closes issue2537286, thanks to "stuidge"
for reporting.
- Fix some format errors in italian translation file
+- Some bugs issue classifiers were causing database lookup errors
+- Fix security-problem: If user hasn't permission on a message (notably
+ files and content properties) and is on the nosy list, the content was
+ sent via email. We now check that user has permission on the message
+ content and files properties. Thanks to Intevation for funding this
+ fix.
+- Fix traceback on .../msgN/ url, this requests the file content and for
+ apache mod_wsgi produced a traceback because the mime type is None for
+ messages, fixes issue2550586, thanks to Thomas Arendsen Hein for
+ reporting and to Intevation for funding the fix.
+- Handle OPTIONS http request method in wsgi handler, fixes issue2550587.
+ Thanks to Thomas Arendsen Hein for reporting and to Intevation for
+ funding the fix.
+- Add documentation for migrating to the Register permission and
+ fix mailgw to use Register permission, fixes issue2550599
+- Fix styling of calendar to make it more usable, fixes issue2550608
+- Fix typo in email section of user guide, fixes issue2550607
+- Fix WSGI response code (thanks Peter Pöml)
+- Fix linking of an existing item to a newly created item, e.g.
+ edit action in web template is name="issue-1@link@msg" value="msg1"
+ would trigger a traceback about an unbound variable.
+ Add new regression test for this case.
2009-10-09 1.4.10 (r4374)