* Tue Aug 31 2021 Steve Kowalik <steven.kowalik@suse.com>
- Add modernize-bugzilla-submit.patch:
- Port bugzilla-submit to Python 3.
* Sun Dec 13 2020 ecsos <ecsos@opensuse.org>
- Use apache-rpm-macros.
- Put apache configuration files in separate subpackage.
- Remove %service_add_post and %server_del_postun apache2.service
from spec.
- Fix two rpmlint errors.
* Mon Feb 03 2020 Dominique Leuenberger <dimstar@opensuse.org>
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
shortcut through the -mini flavors.
* Wed Jul 17 2019 ecsos@opensuse.org
- Update to 5.0.6
This release contains a schema change to the flagtypes table,
allowing for many more flagtypes.
- The flagtypes table should have been using a mediumint for
several releases, but due to a bug in the schema migration code
this never happened.
- Changes from 5.0.5
This release reformats the code according to the same
conventions as the popular Mojolicious product and includes a
.perltidyrc to do the same. You may use whatever coding style you
want, but all files commited to the repo must be reformatted
according to those rules.
Additionally, we no longer follow the same release process as
before. Releases will be more frequent.
- As it is now 2019, the bugs_fulltext table is now InnoDB instead
of MyISAM. This may cause upgrade headaches.
- Update german language to 5.0.4-2.
- Drop bugzilla-de-tagfix.patch because now in upstream language.
- Run spec-cleaner.
Version: 5.0.4-bp150.2.3
* Fri Mar 23 2018 ecsos@opensuse.org
- update german language to 5.0.4
- Add patch bugzilla-de-tagfix.patch to fix "missing closing tag
in german language pack" (boo#1015765).
Thanks voorburg@gmx.net.
* Mon Mar 05 2018 ecsos@opensuse.org
- update to 5.0.4
This release fixes one security issue.
See the Security Advisory for details.
- checksetup.pl would fail to update Chart storage during
pre-3.6 to 5.0 upgrade. (Bug 1273846)
- editflagtypes.cgi would crash when classifications are enabled
and the user did not have global editcomponents privileges.
(Bug 1310728)
- The File::Slurp would trigger warnings on perl 5.24.
(Bug 1301887)
- All the time entries in the 'when' column had the correct date
but the time was fixed to 00:00 when using Sqlite.
(Bug 1303702)
* Wed Oct 04 2017 matwey.kornilov@gmail.com
- rename bugzilla.rpmlintrc to bugzilla-rpmlintrc
to follow guidelines
* Tue Oct 03 2017 matwey.kornilov@gmail.com
- put bugzilla.rpmlintrc into Sources
* Tue Jul 26 2016 ecsos@opensuse.org
- update german language to 5.0.3-1
* Thu Jun 16 2016 ecsos@opensuse.org
- update to 5.0.3
This release fixes one security issue and some bug fixes.
https://www.bugzilla.org/releases/5.0.3/release-notes.html
- A regression in Bugzilla 5.0.2 caused whine.pl to be unable
to send emails due to a missing subroutine. (Bug 1235395)
- The Encode module changed the way it encodes strings,
causing email addresses in emails sent by Bugzilla to be encoded,
preventing emails from being correctly delivered to recipients.
We now encode email headers correctly. (Bug 1246228)
- Fix additional taint issues with Strawberry Perl.
(Bug 987742 and bug 1089448)
- When exporting a buglist as a CSV file, fields starting with
either "=", "+", "-" or "@" are preceded by a space to not
trigger formula execution in Excel. (Bug 1259881)
- An extension which allows user-controlled data to be used as
a link in tabs could trigger XSS if the data is not correctly
sanitized. Bugzilla no longer relies on the extension to do the
sanity check. A vanilla installation is not affected as no tab
is user-controlled. (Bug 1250114)
- Extensions can now easily override the favicon used for the
Bugzilla website. (Bug 1250264)
- Security fix:
* (CVE-2016-2803)
https://www.bugzilla.org/security/4.4.11/
- rework patch fix_whine_error.patch because most now in upstream
* Mon Jan 25 2016 ecsos@opensuse.org
- update german language to 5.0.2-1
* Tue Jan 19 2016 ecsos@opensuse.org
- fix error "Undefined subroutine..." in whine.pl
https://bugzilla.mozilla.org/show_bug.cgi?id=1235395
* Sun Jan 03 2016 ecsos@opensuse.org
- update to 5.0.2
This release fixes two security issues and some bug fixes.
https://www.bugzilla.org/releases/5.0.2/release-notes.html
- mod_perl now works correctly with mod_access_compat turned off
on Apache 2.4.
To regenerate the .htaccess files, you must first delete all
existing ones in subdirectories:
find . -mindepth 2 -name .htaccess -exec rm -f {} \;
You must then run checksetup.pl again to recreate them with
the correct syntax. (Bug 1223790)
- Emails sent by Bugzilla are now correctly encoded as UTF-8.
(Bug 714724)
- Strawberry Perl is now fully supported on Windows.
(Bug 1089448 and bug 987742)
- The XML-RPC API now works with IIS on Windows. (Bug 708252)
- Some queries should now be faster on PostgreSQL. (Bug 1184431)
- Security fixes:
* (CVE-2015-8508)
https://www.bugzilla.org/security/4.2.15/
https://bugzilla.mozilla.org/show_bug.cgi?id=1221518
* (CVE-2015-8509)
https://www.bugzilla.org/security/4.2.15/
https://bugzilla.mozilla.org/show_bug.cgi?id=1232785
* Fri Sep 18 2015 ecsos@opensuse.org
- update to 5.0.1
This update fixes several vulnerabilities
https://www.bugzilla.org/releases/5.0.1/release-notes.html
- Security fixes:
* (CVE-2015-4499)
https://www.bugzilla.org/security/4.2.14/
https://bugzilla.mozilla.org/show_bug.cgi?id=1202447
* Mon Jul 13 2015 ecsos@opensuse.org
- update to 5.0
https://www.bugzilla.org/releases/5.0/release-notes.html
- update german language to 5.0
- fix no acccess under apache 2.4 in bugzilla.conf
* Tue Jun 23 2015 ecsos@opensuse.org
- add perl-Module-Pluggable and perl-Object-Pluggable to Requires:
because it will be removed in next perl major release.
* Thu Apr 23 2015 ecsos@opensuse.org
- update to 4.4.9
- Users who are not in the insidergroup were able to determine
if some specific user made a private comment in bugs.
(Bug 1151290)
- Due to a regression caused by bug 1090275, the WebService
methods Bug.get_bugs and Bug.get_history were no longer
allowed. (Bug 1154099)
- Bugzilla now supports the new .htaccess format from Apache 2.4.
(Bug 1121477)
- A regression in Bugzilla 4.4.3 due to CVE-2014-1517 caused the
admin's password to be ignored when starting a sudo session.
(Bug 1132887)
- update bugzilla.conf with new from .htaccess
- update german language to 4.4.9
* Wed Mar 25 2015 jweberhofer@weberhofer.at
- Moved code from .htaccess file into bugzilla.conf
- Removed BOM from bugzilla.conf
- Explicitly set directory rights for gernam language pack
- Cleaned up spec file
* Mon Mar 02 2015 ecsos@opensuse.org
- update to 4.4.8
- Fixing a regression caused by bug 10902750,
JSON-RPC API calls could crash in certain cases instead of
displaying the proper error message. (Bug 1124716)
- changes from 4.4.7
- The Bug.add_comment WebService method now returns the
correct ID for the newly created bug comment. (Bug 1111043)
Fixing a regression caused by CVE-2014-1571 (bug 1064140),
comments made while setting a flag from the attachment
details page are again included in the flag notification email.
(Bug 1082887)
- update german language to 4.4.8
- remove cvs check and add git check for unneeded files
* Tue Oct 28 2014 ecsos@opensuse.org
- insert BuildRequires: apache, so apache dirs not owned by
this package
- insert bugzilla.conf for apache
* Wed Oct 08 2014 ecsos@opensuse.org
- Update to 4.4.6
* Mon Sep 22 2014 ecsos@opensuse.org
- Update to 4.4.5
- added german template
- correct and upgrade spec
* Sat Apr 16 2011 jengelh@medozas.de
- Update to upstream release 4.1.1
* Sat Sep 04 2010 jengelh@medozas.de
- Remove unwanted "CVS" directories from installation
- Remove unwanted ".cvsignore" files
- Change rpmgroup for rpmlint
- Mark shebang scripts as executable (chmod +x)