From: matty%chariot.net.au <>
Date: Sat, 28 Dec 2002 21:16:37 +0000 (+0000)
Subject: Release notes updates.
X-Git-Tag: bugzilla-2.16.3~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6cf462b06bbc5e825610653a23a8d920404c089;p=thirdparty%2Fbugzilla.git

Release notes updates.
---

diff --git a/docs/rel_notes.txt b/docs/rel_notes.txt
index 7513a1b4c1..158a3497b8 100644
--- a/docs/rel_notes.txt
+++ b/docs/rel_notes.txt
@@ -1,5 +1,4 @@
-The 2.16.1 release fixes various bugs found in the 2.16
-release, including some security issues.
+The 2.16.2 release fixes some minor security issues in 2.16.1.
 
 **************************
 *** ABOUT THIS VERSION ***
@@ -10,7 +9,7 @@ bugzilla.mozilla.org unless otherwise specified.
 
 *** Recommended Practice For The Upgrade ***
 
-As always, please ensure you have ran checksetup.pl after
+As always, please ensure you have run checksetup.pl after
 replacing the files in your installation.
 
 It is recommended that you view the sanity check page
@@ -124,9 +123,26 @@ fix the problem on your installation.
   option "The bug is resolved or verified" to achieve part of this.
   (bug 130821)
 
-*********************************************
-*** USERS UPGRADING FROM 2.16 OR EARLIER  ***
-*********************************************
+*****************************************************************
+*** USERS UPGRADING FROM 2.16.1 OR EARLIER, 2.14.4 OR EARLIER ***
+*****************************************************************
+
+*** SECURITY ISSUES RESOLVED ***
+
+- Fixed a cross site scriptability issue in quips.  This is only a problem
+  if quips with HTML could have been inserted into your quips files.  Bugzilla
+  has not allowed this since 2.12.
+  (bug 179329)
+- checksetup.pl will now attempt to prevent access to "editor backups" of
+  localconfig.
+  (bug 186383)
+- collectstats.pl no longer makes data/mining (which contains graphing
+  information) world writeable.
+  (bug 183188)
+
+***********************************************
+*** USERS UPGRADING FROM 2.16.0 OR EARLIER  ***
+***********************************************
 
 *** SECURITY ISSUES RESOLVED ***
 
@@ -167,7 +183,7 @@ See also next major section.
 See also next section.
 
 ******************************************************
-*** USERS UPGRADING FROM 2.14.3 OR EARLIER, 2.16.0 ***
+*** USERS UPGRADING FROM 2.16.0, 2.14.3 OR EARLIER ***
 ******************************************************
 
 *** SECURITY ISSUES RESOLVED ***
@@ -195,7 +211,7 @@ See also next section.
   (bug 160631)
 
 ***********************************************
-*** USERS UPGRADING FROM 2.14.4 OR EARLIER  ***
+*** USERS UPGRADING FROM 2.14.5 OR EARLIER  ***
 ***********************************************
 
 *** SECURITY ISSUES RESOLVED ***
@@ -411,6 +427,13 @@ See also next section.
   their only email preference was being added or removed from QA.
   (bug 143091)
 
+***********************************************
+*** USERS UPGRADING FROM 2.14.4 OR EARLIER  ***
+***********************************************
+
+See section above about users upgrading from 2.16.1 or earlier,
+2.14.4 or earlier.
+
 ***********************************************
 *** USERS UPGRADING FROM 2.14.3 OR EARLIER  ***
 ***********************************************