Closed
Bug 77547
Opened 24 years ago
Closed 23 years ago
2.14 Release Notes
Categories
(Bugzilla :: Bugzilla-General, defect, P1)
Tracking
()
VERIFIED
FIXED
Bugzilla 2.14
People
(Reporter: CodeMachine, Assigned: CodeMachine)
References
Details
Attachments
(6 files)
2.14 Release Notes.
Please enter only changes from the 2.12 release notes in docs/rel_notes.txt.
|
Assignee | |
Updated•24 years ago
|
Target Milestone: --- → Bugzilla 2.14
|
|
Assignee | |
Comment 1•24 years ago
|
||
Please note that I expect all significant fixes, problems and release notes to
be documented in 2.14. We didn't do too good for 2.12, but that might be
because the release notes didn't exist when many of those problems were being
fixed.
|
|
Assignee | |
Comment 3•24 years ago
|
||
Our security procedures should be a lot simpler now. shadow no longer exists
and you can block data/comments with the addition of quips.cgi.
|
||
Comment 4•24 years ago
|
||
bug 75482: you can now deactivate groups without deleting them, thus preventing
any bugs from getting placed into those groups without opening said bugs to the
public.
|
||
Comment 5•24 years ago
|
||
|
|
||
Comment 6•24 years ago
|
||
Should also mention bug 28458 as action is required if you use QA Contacts:
> To include qa_contact in the New: e-mails for a running system, either the
> useqacontact parm has to be turned off then back on or the following SQL
> statement should be run:
>
> UPDATE fielddefs SET mailhead = 1 WHERE name = 'qa_contact';
|
|
||
Comment 7•24 years ago
|
||
Uh, are you sure Jake? Look at the definition for AddFDef() in checksetup.pl.
It replaces all your fielddefs (while carefully preserving the key numbers in the
table on existing items) every time you run checksetup.pl. The maintainer
shouldn't have to do a thing.
|
|
||
Comment 8•24 years ago
|
||
But qa_contact was left as '0' because by default the param for that is off.
And if qs_contact isn't used, then it shouldn't be in the mail headers.
http://lxr.mozilla.org/mozilla/source/webtools/bugzilla/checksetup.pl#1100
|
|
||
Comment 9•24 years ago
|
||
Which means it automatically breaks if the user updates. Reopening bug 28548 and
moving this discussion there...
|
|
||
Comment 10•24 years ago
|
||
er, bug 28458...
|
|
||
Comment 11•24 years ago
|
||
Bug 28458 is now fixed in such a way that no action is required (ie, properly :)
|
|
Assignee | |
Comment 12•24 years ago
|
||
|
|
Assignee | |
Comment 13•24 years ago
|
||
OK, the above is my suggested release notes.
I've kept the bulk of the 2.12 release notes for those who aren't upgrading from
2.12.
I haven't yet noted the bugs that haven't been fixed.
I'd also like some guidance as to whether the escaping and validation bugs were
purely theoretical problems or had known exploits.
|
|
||
Comment 14•24 years ago
|
||
I don't know of any known exploits, but there were people who successfully
created ways to exploit them for test cases (so they were real holes, and not
just theory, I'm sure we'd never know if someone exploited them).
The notes looks pretty good to me.
|
|
||
Comment 15•24 years ago
|
||
bug 76154 - checksetup.pl now provides .htaccess files for Apache when you run
it.
|
|
||
Comment 16•24 years ago
|
||
-> The writer of Release Notes.
Assignee: tara → matty
QA Contact: matty → jake
|
|
Assignee | |
Comment 17•24 years ago
|
||
|
|
Assignee | |
Comment 18•24 years ago
|
||
This should be the second last cut. I just will need to add the remaining
issues if and when they get fixed.
Please go over this with a fine tooth comb. I want you to check:
(a) bug numbers
(b) understandability and conciseness of descriptions
(c) completeness, correctness, and consistency
(d) the absence of useless redundancy
(e) layout
Severity: critical → blocker
Priority: -- → P1
|
||
Comment 19•24 years ago
|
||
> Administrators must make sure that certain files are properly inaccessible or
> confidential information might become available to enterprising individuals.
> This includes the localconfig file and the entire data directory.
Should 'properly inaccessible' be defined?
> - Sanity check can now only be run by people with in the 'editbugs' group.
> (bug 54556)
Should 'with in' be either 'within' , or just 'in', maybe?
|
|
Assignee | |
Comment 20•24 years ago
|
||
I need to update the notes once more before release, once the final bugs have
been fixed. I will deal with the issues in the previous comment then too.
|
|
Assignee | |
Comment 21•24 years ago
|
||
|
||
Comment 22•24 years ago
|
||
Also, need a relnote for 26194 to cover the prefs change.
|
|
||
Comment 23•23 years ago
|
||
relnote the votes changes (bug 95304)
|
|
Assignee | |
Comment 24•23 years ago
|
||
|
||
Comment 25•23 years ago
|
||
Found a typo: s/went/when/ ("when told to"). Other than that, it's great.
|
|
||
Updated•23 years ago
|
Component: Bugzilla → Bugzilla-General
Product: Webtools → Bugzilla
Version: Bugzilla 2.13 → 2.13
|
|
||
Comment 26•23 years ago
|
||
|
|
||
Comment 27•23 years ago
|
||
OK, all code changes are frozen unless someone finds a showstopper. Time for
the final version of the release notes. The last two comments here still need
to be fit in somewhere.
also, something to add to the outstanding issues section: the (role)_accessible
overrides to allow people to view bugs even if they aren't in that group only
allow you to view the bug if you know the bug number. It still will not show up
in their buglists and they will not receive email about it unless they are a
member of the group the bug is restricted to. These are filed as bug 40885 and
bug 95024.
|
||
Comment 28•23 years ago
|
||
|
|
Assignee | |
Comment 29•23 years ago
|
||
|
|
||
Comment 30•23 years ago
|
||
r= justdave
|
|
Assignee | |
Comment 31•23 years ago
|
||
|
|
||
Comment 32•23 years ago
|
||
V6 is now checked in.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
QA Contact: jake → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•