From: justdave%syndicomm.com <>
Date: Sun, 28 Jul 2002 06:50:45 +0000 (+0000)
Subject: Updated release notes
X-Git-Tag: bugzilla-2.14.3~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a0b98f33848b50732e15d747bda57e378e4c5bd2;p=thirdparty%2Fbugzilla.git

Updated release notes
---

diff --git a/docs/rel_notes.txt b/docs/rel_notes.txt
index baac142c4a..5ea59dbac1 100644
--- a/docs/rel_notes.txt
+++ b/docs/rel_notes.txt
@@ -1,14 +1,19 @@
-The 2.14.2 release fixes several security issues that became known
-to us after the Bugzilla 2.14.1 release.  Please see the upgrade
-procedure below for details on how to upgrade to 2.14.2.
-
-Please note that the upcoming release of 2.16 will incorporate
-various rearchitectures that will make failure-to-validate
-and failure-to-filter errors harder to insert and easier to
-spot.  In particular this means there may be holes in the 2.14
-line that have not been discovered, yet are fixed in 2.16.  If
-such holes exist they probably won't be fixed in 2.14 point
-releases, unless they are discovered.
+The 2.14.3 release fixes a regression in the ability to sort
+buglists on more than one field, which was caused by the 2.14.2
+security update.  Also fixed in this release is a possible
+misuse of a system() call in contrib/bug_email.pl (which is
+not supported at this time, but we felt it would be useful to
+fix as long as we knew about it).  Please see the upgrade
+procedure below for details on how to upgrade to 2.14.3.
+
+Regarding security issues, please note that the release of 2.16
+(simultaneous with 2.14.3) incorporates various rearchitectures
+that make failure-to-validate and failure-to-filter errors
+harder to insert and easier to spot.  In particular this means
+there may be holes in the 2.14 line that have not been
+discovered, yet are fixed in 2.16.  If such holes exist they
+probably won't be fixed in 2.14 point releases, unless they are
+discovered.
 
 There may be future point releases of 2.14, even after the
 release of 2.16, however support for 2.14 will likely be
@@ -124,6 +129,24 @@ fix the problem on your installation.
   option "The bug is resolved or verified" to achieve part of this.
   (bug 130821)
 
+
+
+***********************************************
+*** USERS UPGRADING FROM 2.14.2 OR EARLIER  ***
+***********************************************
+
+- The fix for bug 130821 in 2.14.2 broke being able to sort
+  bug lists on more than one field.  buglist.cgi now allows
+  you to sort on more than one field again.
+  (bug 152138)
+
+- Basic maintenance on contrib/bug_email.pl and
+  contrib/bugzilla_email_append.pl which also fixes a
+  possible security hole with a misuse of a system() call.
+  These files are not supported at this time, but as long
+  as we knew about the problem, we couldn't overlook it.
+  (bug 154008)
+
 ***********************************************
 *** USERS UPGRADING FROM 2.14.1 OR EARLIER  ***
 ***********************************************