---
- branch: MAIN
  date: Mon Apr 20 09:28:28 UTC 2009
  files:
  - new: '1.14'
    old: '1.13'
    path: pkgsrc/devel/bugzilla3/Makefile
    pathrev: pkgsrc/devel/bugzilla3/Makefile@1.14
    type: modified
  - new: '1.8'
    old: '1.7'
    path: pkgsrc/devel/bugzilla3/distinfo
    pathrev: pkgsrc/devel/bugzilla3/distinfo@1.8
    type: modified
  id: 20090420T092828Z.bf4ac398ce8f6f674804d5b15bcf22ea40514fe3
  log: |
    Updated devel/bugzilla3 to 3.2.3

    Security fix:
     * Attachment editing was vulnerable to a cross-site request forgery.
       Note that this issue was only fixed for 3.2.3 and 3.3.4 even though
       all versions of Bugzilla are affected (see below for an explanation).

    bug fixes:
     * Bugzilla is now compatible with MySQL 5.1.x versions 5.1.31
       and greater. (Bug 480001)
     * On Windows, Bugzilla sometimes would send mangled emails (that
       would often fail to send). (Bug 467920)
     * recode.pl would sometimes crash when trying to convert databases
       from older versions of Bugzilla. (Bug 431201)
     * Running a saved search with Unicode characters in its name would
       cause Bugzilla to crash. (Bug 477513)
     * Bugzilla clients like Mylyn can now update bugs again (the bug
       XML format now contains a "token" element that can be used when
       updating a bug). (Bug 476678)
     * For installations using the shadowdb parameter, Bugzilla was
       accidentally writing to the "tokens" table in the shadow database
       (instead of the master database) when using the "Change Several
       Bugs at Once" page. (Bug 476943)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/bugzilla3'
  unixtime: '1240219708'
  user: abs