diff options
Diffstat (limited to 'docs')
-rw-r--r-- | docs/en/rel_notes.txt | 102 |
1 files changed, 99 insertions, 3 deletions
diff --git a/docs/en/rel_notes.txt b/docs/en/rel_notes.txt index 366673f97..4c93c9ec1 100644 --- a/docs/en/rel_notes.txt +++ b/docs/en/rel_notes.txt @@ -125,20 +125,90 @@ fix the problem on your installation. option "The bug is resolved or verified" to achieve part of this. (bug 130821) +*********************************************** +*** USERS UPGRADING FROM 2.16.1 OR EARLIER *** +*********************************************** + +*** SECURITY ISSUES RESOLVED *** + +*** IMPORTANT CHANGES *** + +*** Other changes of note *** + +*** Bug fixes of note *** + ********************************************* *** USERS UPGRADING FROM 2.16 OR EARLIER *** ********************************************* *** SECURITY ISSUES RESOLVED *** -*** IMPORTANT CHANGES *** +- Apostrophes were not properly handled in email addresses. This was a + regression introduced in 2.16. It is not known whether this was + exploitable. + (bug 165221) -*** Other changes of note *** +See also next major section. *** Bug fixes of note *** +- The VERSION cookie which allowed the previously entered version of a product + to be remembered was not correctly set. It was only set as a session + cookie, and under some circumstances could interfere with other cookies + (such as the login information) send at the same time. + (bug 160227) + +- importxml.pl would fail if the versioncache needed to be updated. + (bug 164464) + +- Bug changes going through intermediate pages would munge fields with + multiple fields, such as CCs. + (bug 161203) + +- On failure in template->new, Bugzilla will now die rather than futilely + attempt to use an error template. + (bug 166023) + +- Fixed a problem where checksetup had problems converting old installations + that didn't have a duplicates table. + (bug 151619) + +- Fixed a problem that caused taint errors when viewing or editing user + preferences with Perl 5.005 and Template 2.08. + (bug 160710) + +See also next section. + +****************************************************** +*** USERS UPGRADING FROM 2.14.3 OR EARLIER, 2.16.0 *** +****************************************************** + +*** SECURITY ISSUES RESOLVED *** + +- When a new product is added to an installation with 47 groups or more and + "usebuggroups" is enabled, the new group will be assigned a groupset bit + using Perl math that is not exact beyond 2^48. This results in the new + group being defined with a "bit" that has several bits set. As users are + given access to the new group, those users will also gain access to + spurious lower group privileges. Also, group bits were not always reused + when groups were deleted. + (bug 167485) + +- The email interface had another insecure single parameter system call. This + could potentially allow arbitrary shell commands to be run. This file is + not supported at this time, but as long as we knew about the problem, we + couldn't overlook it. + (bug 163024) + +*** Bug fixes of note *** + +- The email interface was broken. This was a 2.14.3 regression. This file + is not supported at this time, but as long as we knew about the problem, we + couldn't overlook it. + (bug 160631) + *********************************************** -*** USERS UPGRADING FROM 2.14.2 OR EARLIER *** +*** USERS UPGRADING FROM 2.14.4 OR EARLIER *** *********************************************** *** SECURITY ISSUES RESOLVED *** @@ -355,6 +425,32 @@ fix the problem on your installation. (bug 143091) *********************************************** +*** USERS UPGRADING FROM 2.14.3 OR EARLIER *** +*********************************************** + +See section above about users upgrading from 2.16.0 or earlier. + +*********************************************** +*** USERS UPGRADING FROM 2.14.2 OR EARLIER *** +*********************************************** + +*** SECURITY ISSUES RESOLVED *** + +- Basic maintenance on contrib/bug_email.pl and + contrib/bugzilla_email_append.pl which also fixes a + possible security hole with a misuse of a system() call. + These files are not supported at this time, but as long + as we knew about the problem, we couldn't overlook it. + (bug 154008) + +*** Bug fixes of note *** + +- The fix for bug 130821 in 2.14.2 broke being able to sort + bug lists on more than one field. buglist.cgi now allows + you to sort on more than one field again. + (bug 152138) + +*********************************************** *** USERS UPGRADING FROM 2.14.1 OR EARLIER *** *********************************************** |