author spz <spz> 2011-02-26 20:58:15 +0000
committer spz <spz> 2011-02-26 20:58:15 +0000
commit bb363a10e937c408cbda5912936cbf3a5cd3add3
tree 543de7d40a54e617324c4364bede3f9dbf5611e8 /devel/rt3
parent 7a5f2a5333214996b88b5b1e71c66e1fc0cf67f8
Update of rt3 to version 3.8.9
Changelog:

SECURITY
* Move to a SHA-256 based password hashing scheme
* Redirect users to their desired pages after login. This prevents possible back button attacks after a user logs out.
* Clone Scrip's TicketObj since we change the CurrentUser and it can leak information (Custom field values, etc)

INSTALLATION
* Fixes to the RH Layout in config.layout

ACCESS CONTROL
* New AdminCustomFieldValues right that allows user to add/remove CF values, but not edit the CF

CONFIGURATION
* Add ResolveDefaultUpdateType to choose between Comment or Correspond on Resolve
* When using Set($MailCommand, 'testfile') log all mail to the same tmpfile
* Add a callback to allow extensions to redirect a user to an external auth logout URL using RT's logout button. This ensures that the user's RT session is cleared
* Add SuppressAutoOpenOnUpdate preference

DOCUMENTATION
* Clean up README
* Update UPGRADING.mysql documentation for users of older mysql
* Flag that "Let this user be granted rights" means "Privileged"
* Fix rt-crontool examples to use a real Condition
* Undocument SenderMustExistInExternalDatabase since the code was never merged
* Better document SetOutgoingMailFrom
* Better document shrink_cgm_table.pl

DATABASE
* Add support for Postgres 9
* No longer record transactions for ACL Equivalence Groups
* Don't delete all RT MySQL ACLs before invoke GRANT
* Quote database name for GRANT on MySQL
* Insert extensions' schema and acl files as the DBA
* Fix searches for empty Attachments on Oracle

EMAIL
* Better handling of mail generated by Outlook
* When RT's SendmailCommand fails, record it in ticket history
* New GPG tests and bugfixes for corner cases
* use EmailOutputEncoding for Content-Type.charset
* Handle failures in MIME Encoding better
* Small bugfixes for text/html templates
* Fix MIME decoding on ticket subjects
* Remove stray colons and whitespace in the default Admin Comment template

USER INTERFACE
* Fix an infinite loop when using the 3.4-compat theme
* Fixes to CollectionList sorting
* css positioning tweaks for page menus
* Fixes for Bulk Update when users click 'Add More Files'
* Skip all watchers when offering to add CCs as Watchers
* Fix ahah.js to handle more than one CF 'Include page' link
* Ensure that Nobody is always at the front of the Select Owner list
* Link Basics in SelfService to the Update page
* Fix toggling js to only run once
* Ensure signatures are included in Jumbo edits
* Better identify (in the UI) a misconfigured GPG setup
* GPG key management UI updates
* Add classes/ids to the Custom Field Editing pages
* CSS Fixes for preferences widgets
* Fix truncated top values on Charts
* Wording and layout changes for the 'update password' widget
* Ensure that we keep Anchor tags on redirects
* Fix loading a new search on the Chart/Graph pages
* Change Attachment size label from Bytes to Megabytes
* Respect timezones in timestamps in /Approvals/
* Charset fixes for Ticket Attachment downloads
* Bar graph fixes for large numbers of bars
* Allow a callback on QuickCreate to pass a default Status
* Fix Approvals to make one search for approval tickets that distincts and orders them
* Link from Group Membership lists to User admin pages
* New callbacks (autohandler, default queue, aborting ticket updates, after requestor on create)
* Fix non-local local links and add t: syntax
* Editing Transaction custom fields now shows errors inline
* Use the ShowUser element more consistently across the UI

TOOLS
* Improvements to extract-message-catalog (translation tool)
* Let shrink_cgm_table and shrink_transactions display "percent complete"
* Added a simple script to naively generate a RTAddressRegexp
* Install rt-attributes-viewer originally shipped with 3.8.8
* bin/rt now searches for global configs in LOCAL_ETC_PATH also

OTHER BUG FIXES
* No longer refuse to start if you upgraded from a version of RT that allowed you to have invalid Scrips
* Handle broken Reminders links when users change their Organization
* Trim whitespace from CustomFieldValues consistently
* RFC2616 dates are always in UTC
* Scrips can no longer have an empty Condition, Action or Template
* make multi-value REST fields separated with commas ignore spaces
* Localize ENV changes under mod_perl
* Don't page group memberships for a User
* Skip disabled Queues when a Simple Search term matches a Queue Name
* Add TransactionObj to CreateTickets templates to match the docs
* Fix the use of Tickets_Local.pm in rt-email-dashboards and rt-crontool
* Escape more characters in graphviz output
* Fix message when you fail to delete a saved search to tell you Permission Denied
* Include Rules with Scrips when previewing recipients
* Ensure that distribution upgrades that break Scalar::Util show up in apache logs
* Fix warnings on empty Collection List headers
* Log errors from safe_run_child
* Refuse to run if webmux.pl and RT.pm are mismatched
* Actually log the error that caused "Can't load a principal for id #"
* Switch to using $Approver->Name in templates since an AdminCc can approve
* Allow fastcgi_server to specify a port
* Guard against SavedSearches with no content
* Ensure our output is always flagged as utf-8
* Allow queries like "Priority > -2"
* Fixes to Private/Public key methods
* Return 'set private key' from SetPrivateKey, not 'unset private key'
* Protect STDOUT under mod_perl - among other things, this fixes Scrips that use system()
* Fix forwarding of messages without a top level textual part

Diffstat (limited to 'devel/rt3')
-rw-r--r-- devel/rt3/MESSAGE 17
-rw-r--r-- devel/rt3/Makefile 4
-rw-r--r-- devel/rt3/Makefile.install 13
-rw-r--r-- devel/rt3/PLIST 8
-rw-r--r-- devel/rt3/distinfo 9
-rw-r--r-- devel/rt3/patches/patch-ac 12
6 files changed, 38 insertions, 25 deletions
diff --git a/devel/rt3/MESSAGE b/devel/rt3/MESSAGE
index d60edc2692a..6acc3effe73 100644
--- a/devel/rt3/MESSAGE
+++ b/devel/rt3/MESSAGE
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.3 2006/05/01 09:38:08 cube Exp $
+$NetBSD: MESSAGE,v 1.4 2011/02/26 20:58:15 spz Exp $
You must configure RT by editing ${PKG_SYSCONFDIR}/RT_SiteConfig.pm.
@@ -30,5 +30,20 @@ You might also want to clear the Mason cache:
rm -Rf ${RTVARDIR}/mason_data/obj
+UPGRADING FROM 3.8.8 and earlier:
+
+Previous versions of RT used a password hashing scheme which was too
+easy to reverse, which could allow attackers with read access to the
+RT database to possibly compromise users' passwords. Even if RT does
+no password authentication itself, it may still store these weak
+password hashes -- using ExternalAuth does not guarantee that you are
+not vulnerable! To upgrade stored passwords to a stronger hash, run:
+
+ perl ${RTSHAREDIR}/etc/upgrade/vulnerable-passwords
+
+at this point.
+
+For other upgrading actions, see ${RTSHAREDIR}/etc/upgrade/UPGRADING
+
See also the manual on ${HOMEPAGE}docs.html
===========================================================================
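Review bot: The two paths in the added "UPGRADING FROM 3.8.8 and earlier" text do not appear to match where this commit installs the files. The text points at ${RTSHAREDIR}/etc/upgrade/vulnerable-passwords and ${RTSHAREDIR}/etc/upgrade/UPGRADING, but Makefile.install copies both into ${RT_SHARE_DIR}/etc and PLIST lists them as share/rt3/etc/vulnerable-passwords and share/rt3/etc/UPGRADING. This is the command admins will paste to replace the weak password hashes, so it should work verbatim: either drop the upgrade/ component from both paths or install the files under etc/upgrade. The dangling "at this point." after the command would also read better folded into the sentence that introduces it.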
diff --git a/devel/rt3/Makefile b/devel/rt3/Makefile
index 31d31a2cbd7..43a0c04d8ac 100644
--- a/devel/rt3/Makefile
+++ b/devel/rt3/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.44 2010/09/17 21:41:54 spz Exp $
+# $NetBSD: Makefile,v 1.45 2011/02/26 20:58:15 spz Exp $
-DISTNAME= rt-3.8.8
+DISTNAME= rt-3.8.9
CATEGORIES= devel
MASTER_SITES= http://download.bestpractical.com/pub/rt/release/
diff --git a/devel/rt3/Makefile.install b/devel/rt3/Makefile.install
index 7d847acc2fe..f48244cc3d1 100644
--- a/devel/rt3/Makefile.install
+++ b/devel/rt3/Makefile.install
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.install,v 1.15 2010/09/17 21:41:54 spz Exp $
+# $NetBSD: Makefile.install,v 1.16 2011/02/26 20:58:15 spz Exp $
.include "dirs.mk"
@@ -39,7 +39,9 @@ SUBST_SED.path= -e 's,/bin:/usr/bin,/bin:/usr/bin:${PREFIX}/bin,'
SUBST_STAGE.path= post-patch
SUBST_CLASSES+= hardwired
-SUBST_FILES.hardwired= share/html/NoAuth/RichText/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
+SUBST_FILES.hardwired= share/html/NoAuth/RichText/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl \
+ share/rt3/etc/shrink_cgm_table.pl \
+ share/rt3/etc/upgrade-mysql-schema.pl
SUBST_SED.hardwired= -e 's,/usr/bin/perl,'${PERL5}','
SUBST_STAGE.hardwired= post-patch
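Review bot: The two entries added to SUBST_FILES.hardwired, share/rt3/etc/shrink_cgm_table.pl and share/rt3/etc/upgrade-mysql-schema.pl, look like installed paths rather than work-tree paths. The install loop further down reads these scripts from ${WRKSRC}/etc/upgrade/, and SUBST_STAGE.hardwired is post-patch, so the substitution runs against the extracted source. Please confirm the files exist at the listed paths at that stage; if they do not, the /usr/bin/perl rewrite never touches them and the entries should be etc/upgrade/shrink_cgm_table.pl and etc/upgrade/upgrade-mysql-schema.pl.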
@@ -56,12 +58,14 @@ RT_ETC_FILES= acl.Oracle acl.Pg acl.mysql constraints.mysql \
schema.SQLite schema.mysql-4.0 schema.mysql-4.1 \
upgrade/3.8-branded-queues-extension \
upgrade/3.8-ical-extension \
+ upgrade/generate-rtaddressregexp \
upgrade/shrink_cgm_table.pl \
upgrade/split-out-cf-categories \
- upgrade/upgrade-mysql-schema.pl
+ upgrade/upgrade-mysql-schema.pl \
+ upgrade/vulnerable-passwords
RT_UPGRADE_DIRS= 3.3.0 3.3.11 3.5.1 3.7.1 3.7.3 3.7.10 3.7.15 \
3.7.19 3.7.81 3.7.82 3.7.85 3.7.86 3.7.87 \
- 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.6 3.8.8
+ 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.6 3.8.8 3.8.9
MESSAGE_SUBST+= RTVARDIR=${RT_VAR_DIR:Q} RTSHAREDIR=${RT_SHARE_DIR:Q}
@@ -74,6 +78,7 @@ do-install:
${INSTALL_DATA} ${WRKSRC}/etc/${_file_} ${DESTDIR}${RT_EXAMPLE_DIR}
.endfor
${INSTALL_DATA_DIR} ${DESTDIR}${RT_SHARE_DIR}/etc
+ ${INSTALL_DATA} ${WRKSRC}/UPGRADING ${DESTDIR}${RT_SHARE_DIR}/etc
.for _file_ in ${RT_ETC_FILES}
${INSTALL_DATA} ${WRKSRC}/etc/${_file_} ${DESTDIR}${RT_SHARE_DIR}/etc
.endfor
diff --git a/devel/rt3/PLIST b/devel/rt3/PLIST
index 3d8bf375e6a..a6bc71cf918 100644
--- a/devel/rt3/PLIST
+++ b/devel/rt3/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.17 2010/09/17 21:41:54 spz Exp $
+@comment $NetBSD: PLIST,v 1.18 2011/02/26 20:58:15 spz Exp $
bin/mason_handler.fcgi
${PLIST.speedycgi}bin/mason_handler.scgi
bin/mason_handler.svc
@@ -105,6 +105,7 @@ lib/rt3/RT/I18N/hr.po
lib/rt3/RT/I18N/hu.po
lib/rt3/RT/I18N/i_default.pm
lib/rt3/RT/I18N/id.po
+lib/rt3/RT/I18N/is.po
lib/rt3/RT/I18N/it.po
lib/rt3/RT/I18N/ja.po
lib/rt3/RT/I18N/nb.po
@@ -264,11 +265,13 @@ share/examples/rt3/RT_Config.pm
share/examples/rt3/RT_SiteConfig.pm
share/rt3/etc/3.8-branded-queues-extension
share/rt3/etc/3.8-ical-extension
+share/rt3/etc/UPGRADING
share/rt3/etc/acl.Oracle
share/rt3/etc/acl.Pg
share/rt3/etc/acl.mysql
share/rt3/etc/constraints.mysql
share/rt3/etc/drop.Oracle
+share/rt3/etc/generate-rtaddressregexp
share/rt3/etc/initialdata
share/rt3/etc/schema.Oracle
share/rt3/etc/schema.Pg
@@ -317,7 +320,9 @@ share/rt3/etc/upgrade/3.8.3/content
share/rt3/etc/upgrade/3.8.3/schema.Pg
share/rt3/etc/upgrade/3.8.4/content
share/rt3/etc/upgrade/3.8.6/content
+share/rt3/etc/upgrade/3.8.8/content
share/rt3/etc/upgrade/${PKGVERSION}/content
+share/rt3/etc/vulnerable-passwords
share/rt3/html/Admin/CustomFields/GroupRights.html
share/rt3/html/Admin/CustomFields/Modify.html
share/rt3/html/Admin/CustomFields/Objects.html
@@ -581,6 +586,7 @@ share/rt3/html/Install/Initialize.html
share/rt3/html/Install/Sendmail.html
share/rt3/html/Install/autohandler
share/rt3/html/Install/index.html
+share/rt3/html/NoAuth/Login.html
share/rt3/html/NoAuth/Logout.html
share/rt3/html/NoAuth/Reminder.html
share/rt3/html/NoAuth/RichText/FCKeditor/editor/_source/classes/fckcontextmenu.js
diff --git a/devel/rt3/distinfo b/devel/rt3/distinfo
index bb04537362b..aecdd6d21cb 100644
--- a/devel/rt3/distinfo
+++ b/devel/rt3/distinfo
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.18 2010/09/17 21:41:54 spz Exp $
+$NetBSD: distinfo,v 1.19 2011/02/26 20:58:15 spz Exp $
-SHA1 (rt-3.8.8.tar.gz) = be3ac598dcbf584f9bcd9a49248a9ccd3affb330
-RMD160 (rt-3.8.8.tar.gz) = de1efb75969d10c274ab48ef488e27f82fcb1a61
-Size (rt-3.8.8.tar.gz) = 5109734 bytes
+SHA1 (rt-3.8.9.tar.gz) = 4dc78880220ccc8bf7b49b2c4efca0eeb3372133
+RMD160 (rt-3.8.9.tar.gz) = 6f9ddaae4886769c35684ede064563670fee6129
+Size (rt-3.8.9.tar.gz) = 5212874 bytes
SHA1 (patch-aa) = 23964ba8d686931e1f92be88fa3a5d5e06070fce
SHA1 (patch-ab) = 0cbfa31fb20b2c53e7beeed5591437361bbcf173
-SHA1 (patch-ac) = a330a62fba92f98ec3d590efccbc7607aebb3854
diff --git a/devel/rt3/patches/patch-ac b/devel/rt3/patches/patch-ac
deleted file mode 100644
index 6b1920fb48b..00000000000
--- a/devel/rt3/patches/patch-ac
+++ /dev/null
@@ -1,12 +0,0 @@
-$NetBSD: patch-ac,v 1.3 2010/04/13 21:06:30 spz Exp $
-
---- ./lib/RT/Interface/Web.pm.orig 2009-12-11 17:27:20.000000000 +0000
-+++ ./lib/RT/Interface/Web.pm
-@@ -88,6 +88,7 @@ sub EscapeUTF8 {
- $$ref =~ s/\)/&#41;/g;
- $$ref =~ s/"/&#34;/g;
- $$ref =~ s/'/&#39;/g;
-+ $$ref = Encode::encode_utf8($$ref);
- }
-
- # }}}
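Review bot: The commit message does not say why patch-ac is dropped. The removed patch added "$$ref = Encode::encode_utf8($$ref);" at the end of the escaping in EscapeUTF8 in lib/RT/Interface/Web.pm, which is output-encoding code, so the log should state whether 3.8.9 carries an equivalent change upstream or whether the local fix is intentionally abandoned. A one-line note such as "patch-ac integrated upstream" (if that is the case) would let later readers verify that the behaviour was not lost in the update.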