bugzilla/bugzilla.changes

-------------------------------------------------------------------
Tue Oct  3 19:04:35 UTC 2017 - matwey.kornilov@gmail.com

- put bugzilla.rpmlintrc into Sources

-------------------------------------------------------------------
Tue Jul 26 11:26:45 UTC 2016 - ecsos@opensuse.org

- update german language to 5.0.3-1

-------------------------------------------------------------------
Thu Jun 16 13:10:15 UTC 2016 - ecsos@opensuse.org

- update to 5.0.3
  This release fixes one security issue and some bug fixes.
  https://www.bugzilla.org/releases/5.0.3/release-notes.html
  - A regression in Bugzilla 5.0.2 caused whine.pl to be unable 
    to send emails due to a missing subroutine. (Bug 1235395)
  - The Encode module changed the way it encodes strings, 
    causing email addresses in emails sent by Bugzilla to be encoded,
    preventing emails from being correctly delivered to recipients. 
    We now encode email headers correctly. (Bug 1246228)
  - Fix additional taint issues with Strawberry Perl. 
    (Bug 987742 and bug 1089448)
  - When exporting a buglist as a CSV file, fields starting with 
    either "=", "+", "-" or "@" are preceded by a space to not 
    trigger formula execution in Excel. (Bug 1259881)
  - An extension which allows user-controlled data to be used as 
    a link in tabs could trigger XSS if the data is not correctly 
    sanitized. Bugzilla no longer relies on the extension to do the 
    sanity check. A vanilla installation is not affected as no tab
    is user-controlled. (Bug 1250114)
  - Extensions can now easily override the favicon used for the 
    Bugzilla website. (Bug 1250264)
- Security fix:
  * (CVE-2016-2803)
    https://www.bugzilla.org/security/4.4.11/
- rework patch fix_whine_error.patch because most now in upstream

-------------------------------------------------------------------
Mon Jan 25 07:53:00 UTC 2016 - ecsos@opensuse.org

- update german language to 5.0.2-1

-------------------------------------------------------------------
Tue Jan 19 10:29:21 UTC 2016 - ecsos@opensuse.org

- fix error "Undefined subroutine..." in whine.pl
  https://bugzilla.mozilla.org/show_bug.cgi?id=1235395

-------------------------------------------------------------------
Sun Jan  3 00:50:39 UTC 2016 - ecsos@opensuse.org

- update to 5.0.2
  This release fixes two security issues and some bug fixes.
  https://www.bugzilla.org/releases/5.0.2/release-notes.html
  - mod_perl now works correctly with mod_access_compat turned off 
    on Apache 2.4. 
    To regenerate the .htaccess files, you must first delete all 
    existing ones in subdirectories:

    find . -mindepth 2 -name .htaccess -exec rm -f {} \;

    You must then run checksetup.pl again to recreate them with 
    the correct syntax. (Bug 1223790)
  - Emails sent by Bugzilla are now correctly encoded as UTF-8. 
    (Bug 714724)
  - Strawberry Perl is now fully supported on Windows. 
    (Bug 1089448 and bug 987742)
  - The XML-RPC API now works with IIS on Windows. (Bug 708252)
  - Some queries should now be faster on PostgreSQL. (Bug 1184431)
- Security fixes:
  * (CVE-2015-8508)
    https://www.bugzilla.org/security/4.2.15/
    https://bugzilla.mozilla.org/show_bug.cgi?id=1221518
  * (CVE-2015-8509)
    https://www.bugzilla.org/security/4.2.15/
    https://bugzilla.mozilla.org/show_bug.cgi?id=1232785

-------------------------------------------------------------------
Fri Sep 18 09:01:47 UTC 2015 - ecsos@opensuse.org

- update to 5.0.1
  This update fixes several vulnerabilities
  https://www.bugzilla.org/releases/5.0.1/release-notes.html
- Security fixes:
  * (CVE-2015-4499)
    https://www.bugzilla.org/security/4.2.14/
    https://bugzilla.mozilla.org/show_bug.cgi?id=1202447

-------------------------------------------------------------------
Mon Jul 13 16:48:40 UTC 2015 - ecsos@opensuse.org

- update to 5.0
  https://www.bugzilla.org/releases/5.0/release-notes.html
- update german language to 5.0
- fix no acccess under apache 2.4 in bugzilla.conf
  
-------------------------------------------------------------------
Tue Jun 23 07:32:15 UTC 2015 - ecsos@opensuse.org

- add perl-Module-Pluggable and perl-Object-Pluggable to Requires:
  because it will be removed in next perl major release.

-------------------------------------------------------------------
Thu Apr 23 16:20:39 UTC 2015 - ecsos@opensuse.org

- update to 4.4.9
  - Users who are not in the insidergroup were able to determine 
    if some specific user made a private comment in bugs. 
    (Bug 1151290)
  - Due to a regression caused by bug 1090275, the WebService 
    methods Bug.get_bugs and Bug.get_history were no longer 
    allowed. (Bug 1154099)
  - Bugzilla now supports the new .htaccess format from Apache 2.4. 
    (Bug 1121477)
  - A regression in Bugzilla 4.4.3 due to CVE-2014-1517 caused the 
    admin's password to be ignored when starting a sudo session. 
    (Bug 1132887)
- update bugzilla.conf with new from .htaccess
- update german language to 4.4.9

-------------------------------------------------------------------
Wed Mar 25 11:17:32 UTC 2015 - jweberhofer@weberhofer.at

- Moved code from .htaccess file into bugzilla.conf
- Removed BOM from bugzilla.conf
- Explicitly set directory rights for gernam language pack
- Cleaned up spec file

-------------------------------------------------------------------
Mon Mar  2 11:09:52 UTC 2015 - ecsos@opensuse.org

- update to 4.4.8
  - Fixing a regression caused by bug 10902750, 
    JSON-RPC API calls could crash in certain cases instead of 
    displaying the proper error message. (Bug 1124716)
- changes from 4.4.7
  - The Bug.add_comment WebService method now returns the 
    correct ID for the newly created bug comment. (Bug 1111043)
    Fixing a regression caused by CVE-2014-1571 (bug 1064140), 
    comments made while setting a flag from the attachment 
    details page are again included in the flag notification email. 
    (Bug 1082887)
- update german language to 4.4.8
- remove cvs check and add git check for unneeded files
    
-------------------------------------------------------------------
Tue Oct 28 11:54:59 UTC 2014 - ecsos@opensuse.org

- insert BuildRequires: apache, so apache dirs not owned by
  this package
- insert bugzilla.conf for apache

-------------------------------------------------------------------
Wed Oct  8 09:57:06 UTC 2014 - ecsos@opensuse.org

- Update to 4.4.6

-------------------------------------------------------------------
Mon Sep 22 10:24:49 UTC 2014 - ecsos@opensuse.org

- Update to 4.4.5
- added german template
- correct and upgrade spec

-------------------------------------------------------------------
Sat Apr 16 16:02:52 UTC 2011 - jengelh@medozas.de

- Update to upstream release 4.1.1

-------------------------------------------------------------------
Sat Sep  4 17:27:29 UTC 2010 - jengelh@medozas.de

- Remove unwanted "CVS" directories from installation
- Remove unwanted ".cvsignore" files
- Change rpmgroup for rpmlint
- Mark shebang scripts as executable (chmod +x)

-------------------------------------------------------------------
Tue Aug 24 08:07:12 UTC 2010 - jengelh@medozas.de

- Update to new upstream release 3.6.2
* four security fixes
Accepting request 531002 from home:matwey:branches:devel:tools:scm - put bugzilla.rpmlintrc into Sources OBS-URL: https://build.opensuse.org/request/show/531002 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=10 2017-10-04 07:03:51 +00:00			`-------------------------------------------------------------------`
			`Tue Oct 3 19:04:35 UTC 2017 - matwey.kornilov@gmail.com`

			`- put bugzilla.rpmlintrc into Sources`

Accepting request 415252 from home:ecsos:server update german language to 5.0.3-1 OBS-URL: https://build.opensuse.org/request/show/415252 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=9 2016-07-26 12:05:40 +00:00			`-------------------------------------------------------------------`
			`Tue Jul 26 11:26:45 UTC 2016 - ecsos@opensuse.org`

			`- update german language to 5.0.3-1`

Accepting request 402822 from home:ecsos:server update to 5.0.3; security fix and bug fix. OBS-URL: https://build.opensuse.org/request/show/402822 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=8 2016-06-17 06:19:45 +00:00			`-------------------------------------------------------------------`
			`Thu Jun 16 13:10:15 UTC 2016 - ecsos@opensuse.org`

			`- update to 5.0.3`
			`This release fixes one security issue and some bug fixes.`
			`https://www.bugzilla.org/releases/5.0.3/release-notes.html`
			`- A regression in Bugzilla 5.0.2 caused whine.pl to be unable`
			`to send emails due to a missing subroutine. (Bug 1235395)`
			`- The Encode module changed the way it encodes strings,`
			`causing email addresses in emails sent by Bugzilla to be encoded,`
			`preventing emails from being correctly delivered to recipients.`
			`We now encode email headers correctly. (Bug 1246228)`
			`- Fix additional taint issues with Strawberry Perl.`
			`(Bug 987742 and bug 1089448)`
			`- When exporting a buglist as a CSV file, fields starting with`
			`either "=", "+", "-" or "@" are preceded by a space to not`
			`trigger formula execution in Excel. (Bug 1259881)`
			`- An extension which allows user-controlled data to be used as`
			`a link in tabs could trigger XSS if the data is not correctly`
			`sanitized. Bugzilla no longer relies on the extension to do the`
			`sanity check. A vanilla installation is not affected as no tab`
			`is user-controlled. (Bug 1250114)`
			`- Extensions can now easily override the favicon used for the`
			`Bugzilla website. (Bug 1250264)`
			`- Security fix:`
			`* (CVE-2016-2803)`
			`https://www.bugzilla.org/security/4.4.11/`
			`- rework patch fix_whine_error.patch because most now in upstream`

Accepting request 355693 from home:ecsos:server update german language to 5.0.2 OBS-URL: https://build.opensuse.org/request/show/355693 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=7 2016-01-25 08:42:28 +00:00			`-------------------------------------------------------------------`
			`Mon Jan 25 07:53:00 UTC 2016 - ecsos@opensuse.org`

			`- update german language to 5.0.2-1`

Accepting request 354755 from home:ecsos:server Fix bug in whine.pl OBS-URL: https://build.opensuse.org/request/show/354755 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=6 2016-01-19 15:52:43 +00:00			`-------------------------------------------------------------------`
			`Tue Jan 19 10:29:21 UTC 2016 - ecsos@opensuse.org`

			`- fix error "Undefined subroutine..." in whine.pl`
			`https://bugzilla.mozilla.org/show_bug.cgi?id=1235395`

Accepting request 351734 from home:ecsos:server update to 5.0.2 OBS-URL: https://build.opensuse.org/request/show/351734 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=5 2016-01-03 06:16:50 +00:00			`-------------------------------------------------------------------`
			`Sun Jan 3 00:50:39 UTC 2016 - ecsos@opensuse.org`

			`- update to 5.0.2`
			`This release fixes two security issues and some bug fixes.`
			`https://www.bugzilla.org/releases/5.0.2/release-notes.html`
			`- mod_perl now works correctly with mod_access_compat turned off`
			`on Apache 2.4.`
			`To regenerate the .htaccess files, you must first delete all`
			`existing ones in subdirectories:`

			`find . -mindepth 2 -name .htaccess -exec rm -f {} \;`

			`You must then run checksetup.pl again to recreate them with`
			`the correct syntax. (Bug 1223790)`
			`- Emails sent by Bugzilla are now correctly encoded as UTF-8.`
			`(Bug 714724)`
			`- Strawberry Perl is now fully supported on Windows.`
			`(Bug 1089448 and bug 987742)`
			`- The XML-RPC API now works with IIS on Windows. (Bug 708252)`
			`- Some queries should now be faster on PostgreSQL. (Bug 1184431)`
			`- Security fixes:`
			`* (CVE-2015-8508)`
			`https://www.bugzilla.org/security/4.2.15/`
			`https://bugzilla.mozilla.org/show_bug.cgi?id=1221518`
			`* (CVE-2015-8509)`
			`https://www.bugzilla.org/security/4.2.15/`
			`https://bugzilla.mozilla.org/show_bug.cgi?id=1232785`

Accepting request 332011 from home:ecsos:server security update CVE-2015-4499 OBS-URL: https://build.opensuse.org/request/show/332011 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=4 2015-09-20 14:42:01 +00:00			`-------------------------------------------------------------------`
			`Fri Sep 18 09:01:47 UTC 2015 - ecsos@opensuse.org`

			`- update to 5.0.1`
			`This update fixes several vulnerabilities`
			`https://www.bugzilla.org/releases/5.0.1/release-notes.html`
			`- Security fixes:`
			`* (CVE-2015-4499)`
			`https://www.bugzilla.org/security/4.2.14/`
			`https://bugzilla.mozilla.org/show_bug.cgi?id=1202447`

Accepting request 316532 from home:ecsos:server update to 5.0 OBS-URL: https://build.opensuse.org/request/show/316532 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=3 2015-07-14 17:50:04 +00:00			`-------------------------------------------------------------------`
			`Mon Jul 13 16:48:40 UTC 2015 - ecsos@opensuse.org`

			`- update to 5.0`
			`https://www.bugzilla.org/releases/5.0/release-notes.html`
			`- update german language to 5.0`
			`- fix no acccess under apache 2.4 in bugzilla.conf`

			`-------------------------------------------------------------------`
			`Tue Jun 23 07:32:15 UTC 2015 - ecsos@opensuse.org`

			`- add perl-Module-Pluggable and perl-Object-Pluggable to Requires:`
			`because it will be removed in next perl major release.`

			`-------------------------------------------------------------------`
			`Thu Apr 23 16:20:39 UTC 2015 - ecsos@opensuse.org`

			`- update to 4.4.9`
			`- Users who are not in the insidergroup were able to determine`
			`if some specific user made a private comment in bugs.`
			`(Bug 1151290)`
			`- Due to a regression caused by bug 1090275, the WebService`
			`methods Bug.get_bugs and Bug.get_history were no longer`
			`allowed. (Bug 1154099)`
			`- Bugzilla now supports the new .htaccess format from Apache 2.4.`
			`(Bug 1121477)`
			`- A regression in Bugzilla 4.4.3 due to CVE-2014-1517 caused the`
			`admin's password to be ignored when starting a sudo session.`
			`(Bug 1132887)`
			`- update bugzilla.conf with new from .htaccess`
			`- update german language to 4.4.9`

Accepting request 293085 from home:weberho:branches:devel:tools:scm Updated version to 4.4.6 and cleaned up spec OBS-URL: https://build.opensuse.org/request/show/293085 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=2 2015-03-25 11:46:22 +00:00			`-------------------------------------------------------------------`
			`Wed Mar 25 11:17:32 UTC 2015 - jweberhofer@weberhofer.at`

			`- Moved code from .htaccess file into bugzilla.conf`
			`- Removed BOM from bugzilla.conf`
			`- Explicitly set directory rights for gernam language pack`
			`- Cleaned up spec file`

			`-------------------------------------------------------------------`
			`Mon Mar 2 11:09:52 UTC 2015 - ecsos@opensuse.org`

			`- update to 4.4.8`
			`- Fixing a regression caused by bug 10902750,`
			`JSON-RPC API calls could crash in certain cases instead of`
			`displaying the proper error message. (Bug 1124716)`
			`- changes from 4.4.7`
			`- The Bug.add_comment WebService method now returns the`
			`correct ID for the newly created bug comment. (Bug 1111043)`
			`Fixing a regression caused by CVE-2014-1571 (bug 1064140),`
			`comments made while setting a flag from the attachment`
			`details page are again included in the flag notification email.`
			`(Bug 1082887)`
			`- update german language to 4.4.8`
			`- remove cvs check and add git check for unneeded files`

Accepting request 262001 from server:php:applications This package has been placed in server:php:application but should better be placed in in devel:tools:scm . Would be good, if you could take it over. OBS-URL: https://build.opensuse.org/request/show/262001 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/bugzilla?expand=0&rev=1 2015-03-25 09:40:45 +00:00			`-------------------------------------------------------------------`
			`Tue Oct 28 11:54:59 UTC 2014 - ecsos@opensuse.org`

			`- insert BuildRequires: apache, so apache dirs not owned by`
			`this package`
			`- insert bugzilla.conf for apache`

			`-------------------------------------------------------------------`
			`Wed Oct 8 09:57:06 UTC 2014 - ecsos@opensuse.org`

			`- Update to 4.4.6`

			`-------------------------------------------------------------------`
			`Mon Sep 22 10:24:49 UTC 2014 - ecsos@opensuse.org`

			`- Update to 4.4.5`
			`- added german template`
			`- correct and upgrade spec`

			`-------------------------------------------------------------------`
			`Sat Apr 16 16:02:52 UTC 2011 - jengelh@medozas.de`

			`- Update to upstream release 4.1.1`

			`-------------------------------------------------------------------`
			`Sat Sep 4 17:27:29 UTC 2010 - jengelh@medozas.de`

			`- Remove unwanted "CVS" directories from installation`
			`- Remove unwanted ".cvsignore" files`
			`- Change rpmgroup for rpmlint`
			`- Mark shebang scripts as executable (chmod +x)`

			`-------------------------------------------------------------------`
			`Tue Aug 24 08:07:12 UTC 2010 - jengelh@medozas.de`

			`- Update to new upstream release 3.6.2`
			`* four security fixes`