Hello community,
here is the log from the commit of package otrs for openSUSE:Factory checked in at 2013-08-02 07:07:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/otrs (Old)
and /work/SRC/openSUSE:Factory/.otrs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "otrs"
Changes:
--------
--- /work/SRC/openSUSE:Factory/otrs/otrs.changes 2013-03-21 09:53:45.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.otrs.new/otrs.changes 2013-08-02 07:07:50.000000000 +0200
@@ -1,0 +2,242 @@
+Sat Jul 27 00:12:28 UTC 2013 - chris@computersalat.de
+
+- fix for bnc#828850 (CVE-2013-4717, CVE-2013-4718)
+- Update to 3.2.9
+ (fix for OSA-2013-05, CVE-2013-4717, CVE-2013-4718)
+ http://otrs.org/advisory/
+ * Bug#9561 - ACL restriction with CustomerID for DynamicFields at
+ new Ticket screen not working.
+ * Bug#8728 - Problem loading otrs-initial_insert.oracle.sql.
+ * Bug#9481 - Possible to select invalid services in SLA admin screen.
+ * Bug#9539 - Cannot send notification to a group of customers.
+ * Bug#8273 - Copying text in preview mode not possible.
+ * Bug#9557 - Cannot see quoted text in customer ticket zoom.
+ * Bug#9011 - GenericInterface: New value after value mapping can't be 0.
+ * Improved parameter quoting in various places.
+ * Bug#9104 - Group permission for customer subset overwrites
+ permissions for other customers.
+ * Bug#9434 - Activities are not translated.
+ * Bug#9261 - Ticket Inbound changes FROM in view.
+ * Bug#9540 - AgentTicketOwner doesn't activate PreviousOwner if new
+ owner is selected.
+ * Bug#9365 - AgentLinkObject screen does not provide a search
+ restriction for ticket type.
+ * Bug#9533 - Delete Inactive Process button not aligned.
+ * Bug#9504 - wrong status after answer via customer portal.
+ * Bug#9425 - Wrong created date for queue view.
+ * Follow-up fix for bug#[8880] - No inline image shown if HTML
+ email contains 'base' tag.
+ * Bug#8112 - Display issue in FROM column of AgentTicketZoom with
+ some agent names.
+ * Bug#9524 - Uninitialized value after step2 in TicketAccountedTime
+ stats.
+ * Bug#9511 - ProcessManagement: No SLA verification after Service
+ update.
+ * Bug#9513 - Frontend::ToolBarModule###11-CICSearchCustomerUser
+ does not use settings of Frontend::Agent::CustomerSearch.
+ * Bug#8719 - PasswordMin2Lower2UpperCharacters problem.
+- update OTRS::ITSM to 3.2.7
+ (fix for OSA-2013-05, CVE-2013-4717, CVE-2013-4718)
+- fix spec
+
+-------------------------------------------------------------------
+Tue Jun 18 22:22:50 UTC 2013 - chris@computersalat.de
+
+- Update to 3.2.8: 2013-06-18
+ (fix for OSA-2013-04, CVE-2013-4088)
+ * bug#9464 - Unique email address only checked during CustomerUserAdd, not
+ during Update.
+ * bug#9497 - AgentTicketSearch logs a Uninitialized error message in Oracle.
+ * bug#9451 - Possible to select invalid autoresponses for queues.
+ * bug#9516 - Field names for account signups in some languages are broken.
+ * bug#9501 - Missing values in GenericAgent ticket list for tickets without
+ articles.
+ * bug#9447 - Empty line at PDF search result with process tickets (0 article).
+ * bug#9409 - If HTTP_USER_AGENT isn't set, error on Layout.pm.
+ * bug#9454 - Use of uninitialized value error in AgentTicketForward.pm, undef
+ Next ticket state.
+ * bug#9493 - Use of uninitialized value error in AgentTicketPhone.pm on Ticket
+ Split action.
+ * bug#9503 - no connection header in soap responses.
+ * Improved permission checks in AgentTicketWatcher.
+ * bug#7143 - "SFTP." gets rewritten to "Shttp://FTP."
+ * bug#9488 - Use of uninitialized value at OutofOffice setting in
+ AgentPreferences.
+ * bug#9479 - ProcessManagement: Article and CustomerID should not be Hidden.
+ * bug#9491 - GenericAgent job update with dynamic fields sends Uninitialized
+ value error.
+ * bug#9456 - Empty 'Dropdown' dynamic field value of GenericAgent job wont get
+ used and stored.
+ * Follow-up fix for bug#9245 - Added translatable titles for transition
+ buttons.
+ * Updated Russian translation, thanks to Alexey Gluhov!
+ * bug#9245 - Improve user interaction on transitions.
+ * bug#9284 - Improve user experience of accordion widget.
+ * bug#9105 - Opening reply view crashes browsers on iPad 3.
+ * Fixed caching key and inquiry of dynamic field value in HistoryTicketGet
+ function (TE).
+ * Added a new parameter to disable default sorting of statistics.
+ * Added '-a reinstall-all' feature to bin/otrs.PackageManager.pl.
+ * bug#9476 - AgentTicketZoom: translation of "split" into german language.
+ * bug#9459 - Creating a new transition action coming from the transition path
+ view produces errors.
+ * bug#9458 - Double click on Transition opens error message.
+ * bug#9241 - Article ignored in article search index if body is almost empty.
+ The StaticDB fulltext search backend is now fully configurable.
+ * bug#9462 - Package Management page timeout due to HTTPS disabled on Proxy
+ connections.
+ * bug#9408 - A value of Dest inputed in CustomerTicketMessage isn't validated.
+ * bug#9418 - Incorrect decoding email subject and From token.
+ * bug#9448 - AgentTicketPhoneInbound/Outbound inserts Agent's personal email
+ address into article "from".
+ * bug#9445 - ProcessManagement: Error Message: Need ServiceID or Name!.
+ * bug#9439 - ProcessManagement: Customer field value is not remembered after
+ server error is detected.
+- Update to 3.2.7: 2013-05-21
+ * Updated Package Manager, that will ensure that packages to be installed
+ meet the quality standards of OTRS Group. This is to guarantee that your
+ package wasn’t modified, which may possibly harm your system or have an
+ influence on the stability and performance of it. All independent package
+ contributors will have to conduct a check of their Add-Ons by OTRS Group
+ in order to take full advantage of the OTRS package verification.
+ * bug#9387 - Error in a condition with dynamic fields in NotificationEvent.
+ * bug#9286 - Ticket::ChangeOwnerToEveryone isn't functional, After a AJAX
+ Load the setting is ignored.
+ * bug#7518 - Escalation Notify by not working properly (follow-up fix).
+ * bug#9410 - SessionID isn't added to URL when using ajax customer search
+ without cookies active.
+ * bug#9419 - Process Management: List of available dialog fields lists
+ Responsible even if feature is inactive.
+ * bug#9246 - ProcessManagement: TranstionAction error messages not sufficient
+ enough.
+ * bug#9345 - OTRS exceeds 998 character limit in References Line of E-Mail
+ Header.
+ * bug#7478 - Got an external answer to an internal mail.
+ * Improved permission checks in AgentTicketPhone.
+ * bug#9360 - DynamicField Names shown in CSV output.
+ * bug#8880 - No inline image shown if HTML email contains 'base' tag.
+ * bug#9374 - Add more functions to rich text editor.
+ * Fixed postmaster filter edit screen layout.
+ * bug#9358 - Date/Time DynamicFields are broken in CustomerInterface.
+ * bug#9384 - Problem with Method ServiceParentsGet of ServiceObject.
+ * bug#9371 - UserSalutation field in LDAP.pm fix.
+ * bug#8997 - Owner warnings translatable.
+ * bug#9375 - Extra colon at the end of recipient lists in forwarded message.
+ * Updated Polish translation file, thanks to ib.pl!
+ * bug#9040 - CustomerTicketPrint crashes when no attributes are configured to
+ be printed.
+ * Added UnitTest for case sensivity parameter of customer databases
+ * bug#9362 - cannot redirect to external url containing & caracter.
+ * bug#7856 - Statistics only use non archived tickets.
+ * bug#9072 - Reply to email-internal includes customer users email in Cc.
+ field.
+ * bug#9349 - SQL warnings on Oracle DB if more than 4k characters are sent
+ to the database.
+ * bug#9353 - Customer Ticket Zoom shows owner login name instead of full name.
+ * bug#8599 - Problem with "[]" characters in name of attachment file.
+- Update ITSM to 3.2.6
+ * Bug#9351 - Wrong LastScreenOverview in AgentITSMConfigItemSearch
+ * Bug#9352 - Missing LastScreenOverview in AgentITSMConfigItem (OverviewSmall)
+ * Bug#8961 - Get impact list in AgentTicketPhone before obtain SplitTicketParam.
+ * remove packages30 support
+ - update ITSM to 3.2.5
+ (fix for OSA-2013-03, CVE-2013-3551)
+ - update ITSM to 3.2.4
+ (fix for OSA-2013-02, CVE-2013-2637)
+ - update ITSM to 3.2.3
+ (fix for OSA-2013-01, CVE-2013-2625)
+- rebase perm.patch
+- fix permission
+ * on DBUpdate otrs needs write acces to Kernel/Config/Files
+ attr(2775,wwwrun,www) dir {otrs_root}/{name}/Kernel/Config/Files
+
+-------------------------------------------------------------------
+Thu May 9 20:28:02 UTC 2013 - alexandre@exatati.com.br
+
+- Update to 3.2.6:
+ - Bug#9310 - AgentTicketProcess has the same shortkey "o" as
+ AgentTicketQueue.
+ - Bug#9280 - Database upgrade procedure problems when upgrading
+ database to 3.2 that has been upgraded from 2.4 previously.
+ - Bug#9264 - Dynamic ticket text fields are displayed with value
+ "1" if enabled and displayed by default in ticket search screen.
+ - Bug#8960 - AgentTicketSearch.pm SearchProfile problem.
+ - Bug#9328 - Notification event does not work on process ticket.
+ - Fixed broken process import.
+ - Follow-up for bug#9215 - Process import always creates new
+ process. The overwrite optionwas removed again because of
+ logical problems.
+ - Added parameter "-t dbonly" to backup.pl to only backup the
+ database (if files are backed up otherwise).
+ - Bug#9302 - Process Management: Misleading description for
+ activities without dialogs.
+ - Bug#9182 - Customer Search Function -> If you go into a ticket
+ and go back you got not the search results.
+ - Bug#9297 - Customer information widget losing data.
+ - Bug#9244 - Process Management: Transitions on Activities does
+ not scale well.
+ - Bug#9287 - Process Management: strange placement of target point
+ for new transitions.
+ - Bug#9294 - Process Management: Activity hover window not
+ displayed properly if activity is very close to bottom canvas
+ border.
+ - Bug#9314 - Process Management: Unexpected redirection after
+ creating a new process.
+ - Bug#9312 - LinkObject permission check problem.
+
+-------------------------------------------------------------------
+Wed Apr 10 13:09:04 UTC 2013 - alexandre@exatati.com.br
+
+- Update to 3.2.5:
+ (fix for OSA-2013-03, CVE-2013-3551)
+ * Bug#9313 - No such file or directory in otrs.SetPermission.pl.
+ * Bug#9306 - Auto Response fails when ticket is created from
+ Customer Interface and last name contains a comma.
+ * Bug#9308 - Impossible to create a new stats report with absolute
+ period.
+ * Bug#9307 - Packages not compatible with 3.2.4 listed as available
++++ 45 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/otrs/otrs.changes
++++ and /work/SRC/openSUSE:Factory/.otrs.new/otrs.changes
Old:
----
itsm-3.2.2.tar.bz2
otrs-3.2.3.tar.bz2
New:
----
itsm-3.2.7.tar.bz2
otrs-3.2.9.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ otrs.spec ++++++
--- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200
+++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200
@@ -16,12 +16,12 @@
#
-%define otrs_ver 3.2.3
-%define itsm_ver 3.2.2
+%define otrs_ver 3.2.9
+%define itsm_ver 3.2.7
%define itsm_min 3.2
%define otrs_root /srv
-%define otrsdoc_dir_files CHANGES COPYING* CREDITS README* UPGRADING.SuSE doc
-%define otrsdocs CHANGES doc
+%define otrsdoc_dir_files CHANGES* COPYING* CREDITS README* UPGRADING.SuSE doc
+%define otrsdocs CHANGES* doc
Name: otrs
Summary: The Open Ticket Request System
@@ -189,7 +189,8 @@
do
%__mv $file var/cron/`basename $file .dist`
done
-%__rm INSTALL{.md,.RedHat,.SuSE}
+%__rm INSTALL.md
+#%__rm INSTALL{.md,.RedHat,.SuSE}
#%__mv INSTALL.SuSE INSTALL
%install
@@ -342,7 +343,7 @@
###############
## {root,www}
###############
-%defattr(0750,root,www,0755)
+%defattr(0770,root,www,0775)
# bin
%{otrs_root}/%{name}/bin
#exclude %{otrs_root}/%{name}/bin/%{name}.DeleteSessionIDs.pl
@@ -404,15 +405,15 @@
# var/{packages,spool}
%{otrs_root}/%{name}/var/packages
-%dir %{otrs_root}/%{name}/var/spool
+#%dir %{otrs_root}/%{name}/var/spool
# var/{article,log,tmp}
#defattr(0644,%{name},www,2775)
-%dir %{otrs_root}/%{name}/var/article
+#%dir %{otrs_root}/%{name}/var/article
%ghost %config(noreplace) %attr(660,%{name},www) %{otrs_root}/%{name}/var/log/TicketCounter.log
-%defattr(0644,%{name},www,2775)
-%dir %{otrs_root}/%{name}/var/tmp
+#%defattr(0644,%{name},www,2775)
+#%dir %{otrs_root}/%{name}/var/tmp
%defattr(0660,%{name},www,2775)
%dir %{otrs_root}/%{name}/var/log
@@ -437,7 +438,7 @@
%{otrs_root}/%{name}/var/httpd/htdocs
# var/{session,stats}
-%dir %{otrs_root}/%{name}/var/sessions
+#%dir %{otrs_root}/%{name}/var/sessions
%dir %{otrs_root}/%{name}/var/stats
%{otrs_root}/%{name}/var/stats/*
@@ -455,7 +456,8 @@
%{otrs_root}/%{name}/Kernel/Config/Defaults.pm
%config(noreplace) %{otrs_root}/%{name}/Kernel/Config/GenericAgent.pm
%{otrs_root}/%{name}/Kernel/Config/GenericAgent.pm.*
-%dir %{otrs_root}/%{name}/Kernel/Config/Files
+# as otrs user: perl scripts/DBUpdate-to-3.2.pl needs
+%attr(2775,wwwrun,www) %dir %{otrs_root}/%{name}/Kernel/Config/Files
#{otrs_root}/%{name}/Kernel/Config/Files/Deprecated.xml
%{otrs_root}/%{name}/Kernel/Config/Files/Framework.xml
%{otrs_root}/%{name}/Kernel/Config/Files/GenericInterface.xml
@@ -490,7 +492,8 @@
%doc COPYING*
%doc README.itsm*
%doc itsm-%{itsm_ver}/INSTALL-%{itsm_min}.ITSM
+%defattr(0644,wwwrun,www,0755)
%{otrs_root}/%{name}/itsm
-%config %attr(0644,wwwrun,www) %{otrs_root}/%{name}/Kernel/Config/Files/ZZZAuto.pm
+%config %attr(0664,wwwrun,www) %{otrs_root}/%{name}/Kernel/Config/Files/ZZZAuto.pm
%changelog
++++++ UPGRADING.SuSE ++++++
--- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200
+++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200
@@ -9,7 +9,7 @@
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
-These instructions are for people upgrading OTRS from "3.0" to "3.1",
+These instructions are for people upgrading OTRS "3.1" to "3.2",
and applies both for RPM and source code (tarball) upgrades.
If you are running a lower version of OTRS you have to follow the upgrade path
@@ -19,15 +19,7 @@
take an extra step; please read http://bugs.otrs.org/show_bug.cgi?id=6798
If you need to do a "patch level upgrade", which is an upgrade for instance
-from OTRS version 3.1.1 to 3.1.3, you should skip steps 8, 10 and 12-19.
-
-Please note that for upgrades from 3.1.beta1 or 3.1.beta2, an additional step 20
-is needed!
-
-If you are using Microsoft SQL Server as the DBMS for OTRS, please refer
-to the manual, chapter "Upgrading Microsoft SQL Server Data Types" for instructions
-how to upgrade the data types used by OTRS
-(http://doc.otrs.org/3.1/en/html/upgrading-mssql-datatypes.html).
+from OTRS version 3.2.1 to 3.2.3, you should skip steps 7, 8, 10 and 12-19.
1) Stop all relevant services
@@ -96,6 +88,22 @@
=====================
MySQL:
+
+ Note: new tables created in the MySQL UPGRADING process will be created with the
+ default table storage engine set in your MySQL server.
+ In MySQL 5.5 the new default type is InnoDB.
+ If existing tables, e.g. "users", have the table storage engine e.g. MyISAM,
+ then an error will be displayed when creating the foreign key constraints.
+
+ You have two options: you can change the default storage engine of MySQL back to MyISAM
+ so that new tables will have the same engine as the existing tables,
+ or change the existing tables to use InnoDB as storage engine.
+
+ Any problems with regards to the storage engine will be reported by the
+ `otrs.CheckDB.pl` script, so please run it to check for possible issues.
+
+ shell> bin/otrs.CheckDB.pl
+
shell> cat scripts/DBUpdate-to-3.1.mysql.sql | mysql -p -f -u root otrs
PostgreSQL 8.2+:
@@ -115,6 +123,8 @@
DATABASE MIGRATION SCRIPT
=========================
+ Run the migration script (as user `otrs`, NOT as `root`):
+
shell> scripts/DBUpdate-to-3.1.pl
Do not continue the upgrading process if this script did not work properly
++++++ ZZZAuto.pm ++++++
--- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200
+++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200
@@ -9,10 +9,8 @@
$Self->{'DefaultLanguage'} = 'de';
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'Package::RepositoryList'} = {
- 'file://@OTRS_ROOT@/otrs/itsm/packages30/' => '[--OTRS::ITSM 3.0 local repo]',
'file://@OTRS_ROOT@/otrs/itsm/packages31/' => '[--OTRS::ITSM 3.1 local repo]',
'file://@OTRS_ROOT@/otrs/itsm/packages32/' => '[--OTRS::ITSM 3.2 local repo]',
- 'http://ftp.otrs.org/pub/otrs/itsm/packages30/' => '[--OTRS::ITSM 3.0 Master--] http://ftp.otrs.org/',
'http://ftp.otrs.org/pub/otrs/itsm/packages31/' => '[--OTRS::ITSM 3.1 Master--] http://ftp.otrs.org/',
'http://ftp.otrs.org/pub/otrs/itsm/packages32/' => '[--OTRS::ITSM 3.2 Master--] http://ftp.otrs.org/'
};
++++++ itsm-3.2.2.tar.bz2 -> itsm-3.2.7.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/otrs/itsm-3.2.2.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new/itsm-3.2.7.tar.bz2 differ: char 11, line 1
++++++ otrs-3.2.3.tar.bz2 -> otrs-3.2.9.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/otrs/otrs-3.2.3.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new/otrs-3.2.9.tar.bz2 differ: char 11, line 1
++++++ otrs-httpd_conf.patch ++++++
--- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200
+++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200
@@ -74,7 +74,7 @@
<IfModule mod_headers.c>
-