---
- branch: MAIN
  date: Sat Apr 16 09:41:19 UTC 2011
  files:
  - new: '1.47'
    old: '1.46'
    path: pkgsrc/devel/rt3/Makefile
    pathrev: pkgsrc/devel/rt3/Makefile@1.47
    type: modified
  - new: '1.20'
    old: '1.19'
    path: pkgsrc/devel/rt3/PLIST
    pathrev: pkgsrc/devel/rt3/PLIST@1.20
    type: modified
  - new: '1.20'
    old: '1.19'
    path: pkgsrc/devel/rt3/distinfo
    pathrev: pkgsrc/devel/rt3/distinfo@1.20
    type: modified
  id: 20110416T094119Z.c2d70ab7bf4635144e1a50b69fd8efaff6b38b5f
  log: |
    Upstream announce message:
    This release, in addition to being a bugfix release, also resolves a
    number of security vulnerabilities.  It resolves CVE-2011-1685,
    CVE-2011-1686, CVE-2011-1687, CVE-2011-1688, CVE-2011-1689, and
    CVE-2011-1690.

    * Cleanups identified by perlcritic.
    * Clear the system attribute cache to avoid 'sticky' attributes like
      the queue subject tag.
    * Fix our signature escaping so we better match FCKEditor and don't
      misidentify signatures during processing.
    * Add the ability to create BasedOn Custom Fields from intiialdata
    * Provide a callback to affect the display format in admin pages
    * Fix id prefixing on Custom Fields to be RTIR compatible
    * Fix #16656 - Requestors with OwnTicket could show up in the owner list
      in other Queues.
    * Don't attach the original multipart mail to notifications that already
      contain one part of it.
    * Work around CGI.pm 3.51 and 3.52 which add ; charse=ISO-8859-1 to our
      utf-8 encoded javascript.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/rt3'
  unixtime: '1302946879'
  user: spz