[Rt-commit] rt annotated tag rt-5.0.5 created. rt-5.0.5

BPS Git Server git at git.bestpractical.com
Thu Oct 19 18:54:33 UTC 2023 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".

The annotated tag, rt-5.0.5 has been created
        at  d938957bba21979e5b3cba1ed040b038066f2694 (tag)
   tagging  90fb016e604942256edf00a36644ce077bb5ea4e (commit)
  replaces  rt-5.0.5beta1
 tagged by  sunnavy
        on  Thu Oct 19 14:06:54 2023 -0400

- Log -----------------------------------------------------------------
Version 5.0.5
-----BEGIN PGP SIGNATURE-----

iQFOBAABCAA4FiEExJs3Lyv4ShkBFmAnDfCig/6sgLIFAmUxcD4aHHN1bm5hdnlA
YmVzdHByYWN0aWNhbC5jb20ACgkQDfCig/6sgLIROwgAolJ3RBnuSbjHwej3iYiO
FJFkpb9ZWf5Fh+CtfWq34PeTExKDrZLYFgAPNS7r179us5xuKAfDM1ZXBiP+Isa3
ofhCPeL5728jonwyzvAuVoNIh7Se3AHp27YvVgjYJcZ+qRtsgHJk5KTuxkAPJ8oL
+YZn6+UzbCOHdoJ1hAHJnbmGtNmnFjxrGyrP2/PrGjEtBl9lFI8aKs7Y9djOHi44
CixtqwDSRx60trk4uSKKLt4jf9i7Fd8mOehWCM5Wqeh+10MJSnY12K/fDJP/196H
2kFq0jyQ2jm7Bb+xFbNUAfrNeSW+qXMBM3ZwCrcXhDpqJ5y/XbOZCw6NVeINuH4O
mQ==
=m1oT
-----END PGP SIGNATURE-----

Dianne Skoll (1):
      Clear all RT crypt headers from incoming email before processing

Jim Brandt (2):
      Document restricting access to REST 1.0 mail-gateway
      Return mail processing details only in DevelMode

sunnavy (24):
      Sanitize non-crypt headers used in RT internally from incoming email
      Merge branch 'security/5.0/sanitize-sensitive-headers' into security/5.0.5-releng
      Merge branch 'security/5.0/document-mailgate-apache-config' into security/5.0.5-releng
      Merge branch 'security/5.0/suppress-mailgate-REST-responses' into security/5.0.5-releng
      Support UseSQLForACLChecks for ticket transaction searches
      Disallow non-ticket transaction searches from web UI
      Merge branch 'security/5.0/protect-txn-searches' into security/5.0.5-releng
      Hide time fields in REST2 if $HideTimeFieldsFromUnprivilegedUsers is true
      Show Plugins info in "/rt" REST2 endpoint for super users only
      Protect queue/class/catalog info on ticket/article/asset create via REST2
      Disallow unprivileged users to access REST2 "/user" endpoint
      Clean up the forbidden method of REST2 "/group/.../member*" endpoint
      Clean up the forbidden method of REST2 "/download/cf/*" endpoint
      Improve "forbidden" for REST2 record endpoints with more right checks.
      Hide total/pages info from REST2 collection endpoints without proper rights
      Require SeeGroup to view group transactions
      Update tests for the "forbidden" method improvement
      Update tests for the total/pages hiding change
      Merge branch 'security/5.0/rest2-stricter-access' into security/5.0.5-releng
      Update tests as RT-Send-Cc is cleared now
      Generate correct SQL for txn search when Owner has ShowTicket
      Enable devel mode for mailgate tests that depend on detailed output
      Fix typo
      Merge branch 'security/5.0.5-releng' into 5.0.5-releng

-----------------------------------------------------------------------


hooks/post-receive
-- 
rt

More information about the rt-commit mailing list