[rt-announce] RT 4.0.7 Released

Kevin Falcone falcone at bestpractical.com
Mon Aug 27 13:41:06 EDT 2012


I'm happy to announce that RT 4.0.7 is now available.

http://download.bestpractical.com/pub/rt/release/rt-4.0.7.tar.gz
http://download.bestpractical.com/pub/rt/release/rt-4.0.7.tar.gz.sig

SHA1 sums
4c6ba7c3311e0fc42bb99434e91d03318c24186f  rt-4.0.7.tar.gz
e162aa17cacecc714ec744545c52c4ac7238c816  rt-4.0.7.tar.gz.sig

This release contains a number of bugfixes since the 4.0.6 release.
In particular, we have adjusted the CSRF warning for a few pages based
on user feedback.

This release bumps dependencies on Email::Address, FCGI and IPC::Run so
please make sure to run 'make testdeps' and if required 
'make fixdeps' before upgrading. Running 'make upgrade' will also
check your installed versions for errors.

Security

* Bump the FCGI dependency to one which closes CVE-2011-2766
  The 4.0 series did not specify a minimum FCGI version and it's
  possible that a vulnerable release of the perl FCGI module was
  installed when you set up an earlier release of 4.0.x

Features

* Allow specification of your CSRF Whitelist Referrer using *.example.com 
* Allow searching for tickets associated with articles using a:42
* Upgrade our Date/Time picker JS, allow unsetting of CFs
* Improve display of circularly linked tickets
* Optimize the large table changes between 3.2 and 3.4 for MySQL
* Provide a better error if your CreateTickets template is malformed
* Add the ExtractTicketId function to make customizing ticket id
  matching easier

Bugfixes

* Don't trust emails that claim to be UTF-8, convert it to UTF-8 before storing
* Fix a shredder bug when deleting a user and replacing it with another user
* Remove CSRF restrictions on search results page
* Ensure that TransactionBatch scrips always run in the RT::System
  context rather than having some sub-objects in the original user's
  context.
* Better display of multipart/related mail
* Remove some warnings when running under Perl 5.16
* Better errors when viewing approvals without rights
* Bring back rounded corners on FireFox >= 13 by using the standard
  border-radius property
* $Users->LimitCustomField now ignores disabled ObjectCustomFieldValues
  properly (same for other non-ticket objects).
* Versions of IPC::Run < 0.90 could truncate labels on charts that
  contain UTF-8 characters
* Fix a rendering issue where certain emails would cause the history to
  render progressively more staggered to the right
* Make owner:falcone and owner:falcone at example.com work
* CF.{Foo} TicketSQL searches are now case insensitive on Pg and Oracle
* Tickets with Unicode subjects created through the Web UI could end up
  being corrupted on reply because of other headers passed to MIME::Head
* Ignore DECRYPTION_INFO from GnuPG 1.4.12
* Record LastUpdated(By) on Scrips
* Simple Search now handles Custom Fields with dashes
* Remove another hardcoded use of 'resolved' in the mailgate unsafe actions
* When deleting dashboards, also delete subscriptions
* Fix rendering of links from bin/rt
* Don't allow ticket creation if your REST form contains an unknown field
* Skip users with empty email addresses in autocompletion
* Loosen our detection of mobile browser to search for the word 'mobile'
* Don't provide a charset on download of binary attachments
* Fix UseSideBySideLayout to not be cached across users
* Ensure that article searches are case insensitive
* QueueSummaryByStatus now uses the improved code from QueueSummaryByLifecylcle

A complete changelog is available from git by running 
`git log rt-4.0.6..rt-4.0.7`
or visiting
https://github.com/bestpractical/rt/compare/rt-4.0.6...rt-4.0.7
although they will not load all of the commits.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-announce/attachments/20120827/c2c3b902/attachment.pgp>


More information about the rt-announce mailing list