ReleaseNotes365

From Sit
Jump to: navigation, search

The Support Incident Tracker developers are pleased to announce the immediate availability of v3.65, thanks to the dedicated hard work of our developers, translators and testers.

This release is primarily a security fix release, all users are strongly encouraged to upgrade immediately.

This is a Long Term Support edition, which means that we will be providing Technical Support and bug fixes for this release (as v3.66, v3.67... etc.) until around the time that v4.1 is released. Security fixes will be made available for longer than that - at least until v4.2 is released! We've decided to do this so that we can concentrate our main development efforts on exciting new features for 4.x without ignoring existing users who are currently using the 3.x versions of SiT! and to provide a stable upgrade path.

Please see our Roadmap to learn about our future release plans.

Contents

Highlights

  • Security Fixes
  • Minor bug fixes
  • New Afrikaans (af) translation (19%) thanks to Nico du Toit
  • Updated German (de-DE) translation and help files thanks to Gabriele Pohl

Security issues

Bug fixes

  • 0001688: [plugin hooks] Please add plugin context to contract_edit.php (ivan) - resolved.
  • 0001699: [security] Multiple security vulnerabilities HTB23043 (ivan) - resolved.
  • 0001601: [security] Errors should strip path from in-page output (ivan) - resolved.
  • 0001705: [security] May be possible to inject malicious SQL via syslang (ivan) - resolved.
  • 0001702: [other] Tidy ambiguous code in link_add.php (paulh) - resolved.
  • 0001565: [security] We should not allow QBE report to output password columns (ivan) - resolved.
  • 0001701: [security] XSS: Possible to inject javascript into search page (ivan) - resolved.
  • 0001691: [incidents] External ID value changed upon editing an incident (paulh) - resolved.
  • 0001687: [users] View Users | Jump to | Tasks displays session users tasks (paulh) - resolved.
  • 0001685: [users] Cannot edit user email (ivan) - resolved.
  • 0001680: [plugin hooks] Please add plugin context to contract_add.php (ivan) - resolved.

Known Issues

See bugs logged against v3.65 in Mantis

  • When running SiT! on Windows and using absolute file paths (with a drive letter, e.g. D:) fatal error messages may occur. (1713)
  • "Task Due" Trigger does not fire with scheduler and auto.php cron job running. (1471)
  • It's not possible to edit the text of the built-in notices using the Edit Template interface, these notices are translated into several languages so to change the text you will have to edit the relevant language file. See Translation for help with that.

All issues can be viewed in full at http://bugs.sitracker.org/view.php?id=XXX where XXX is the issue number.

Installation

In brief: unpack the archive into a folder on your web server and access http://hostname/folder/setup.php in your browser to run through the installation process. For more detailed instructions and system requirements see our manual page on Installation. Installation usually takes five to fifteen minutes (depending on experience).

Upgrading

The first step before upgrading any server software should be to make a full backup, go and do that now, check it and then come back and read manual the page on Upgrading. Upgrading usually takes ten to twenty minutes.

Thanks

Thanks to everybody who has helped shape this release, including everybody that has submitted ideas or bug reports, helped to test during the development cycle and all those who submitted code and translations.

Getting Support Incident Tracker v3.65

Download.png 3.65 was released 4 September 2011 Download it here

Stay informed of new releases

Subscribe to our low-traffic Announcements email list to be informed when a new version is released.

Alternatively, add our release announcements RSS Feed to your Feed reader.

or, follow us on Identi.ca or Twitter

Personal tools
project