RT 4.0.6 contains important security fixes, in addition to bugfixes. http://download.bestpractical.com/pub/rt/release/rt-4.0.6.tar.gz http://download.bestpractical.com/pub/rt/release/rt-4.0.6.tar.gz.sig
SHA1 sums f5c0dd16da21f0af8e9c093057aa58cbab08d06b rt-4.0.6.tar.gz 1f862bbb1b335cd036d1c32c10d80f26e4ce99a1 rt-4.0.6.tar.gz.sig This release, in addition to being a bugfix release, also resolves a number of security vulnerabilities. It resolves CVE-2011-2082, CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458, CVE-2011-4459, and CVE-2011-4460. * Remove CSS3PIE, which simply added rounded corners on IE7 and IE8, as it was causing numerous crashes of IE. * Show the current status in the status dropdown during ticket update, to allow forced setting of the status. This functionality was available in RT 3.8, and is now being reinstated. * Use SearchBuilder queue limits to restrict what statuses and owners are displayed in drop-downs. * Make "New Ticket" a top-level SelfService menu item. * Display Lifecycle column correctly in queue admin lists. * Allow >64k attributes on MySQL; this is particularly useful for logos uploaded via the theming editor. * Remove two dependencies from the RT mailgate. * Adding new arbitrary links to tickets now works as expected in the REST interface. * Subject: lines in Forward Ticket templates are now respected. * Sort ticket link numbers numerically, not alphabetically. * Ticket reminders are no longer copied when creating a linked ticket; article and http:// links now are, however. * Use relative links (with no hostname) more consistently. * Correctly deal with non-ASCII attachment filenames which make use of MIME parameter value continuations. * Find queue-level CFs first in REST interface when there are duplicates by name. * Fix graphing of searches which reference Updated and other transaction-based limits. * Reminder statuses on open and resolve are now configurable per-lifecycle. * Fix quoting of CF names containing dashes and the like in the SearchBuilder. * Bump URI dependency to ensure utf8 URLs are correclty generated in Dashboard emails. * Permit <bdo> and language attributes when scrubbing HTML. A complete changelog is available from git by running: git log rt-4.0.5..rt-4.0.6 - Alex
signature.asc
Description: This is a digitally signed message part
_______________________________________________ rt-announce mailing list rt-annou...@lists.bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-announce