Update RT to version 3.8.12:

Changes from 3.8.11 to 3.8.12:
    This release, in addition to being a bugfix release, also resolves a
    number of security vulnerabilities.  It resolves CVE-2011-2082,
    CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
    CVE-2011-4459, and CVE-2011-4460.

     * Upgrade prototype.js to version 1.7, for compatibility with google
       charts.
     * Remove ie7.js, which is no longer used.
     * Ensure that TransactionBatch scripts are only run once.

Changes from 3.8.10 to 3.8.11:
    This release contains a number of bugfixes and minor security updates
    since the 3.8.10 release, most notably:

     * Adjust FCGI dependency to one which resolves FCGI's CVE-2011-2766

     * New WebHttpOnlyCookies option, enabled by default, which hides RT's
       cookie from direct Javascript access.

     * Compatibility with perl 5.12 and 5.14, by removing deprecated "for
       qw(...)" and "defined %hash" syntax.

     * MySQL 5.5 compatibility, by specifying ENGINE=InnoDB rather than
       TYPE=InnoDB

     * Ensure that RT::Interface::Web's _Overlay, _Local, and _Vendor files
       are loaded correctly.

     * Fix session cleaner for on-disk sessions, broken since 3.8.0.

     * Ensure that only one "Based on" attribute is stored for each custom
       field.

     * Fix the loading of Shredder plugins, broken in 3.8.10.

0 files changed, 0 insertions, 0 deletions