Hello community, here is the log from the commit of package otrs for openSUSE:Factory checked in at 2013-08-02 07:07:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/otrs (Old) and /work/SRC/openSUSE:Factory/.otrs.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "otrs" Changes: -------- --- /work/SRC/openSUSE:Factory/otrs/otrs.changes 2013-03-21 09:53:45.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.otrs.new/otrs.changes 2013-08-02 07:07:50.000000000 +0200 @@ -1,0 +2,242 @@ +Sat Jul 27 00:12:28 UTC 2013 - ch...@computersalat.de + +- fix for bnc#828850 (CVE-2013-4717, CVE-2013-4718) +- Update to 3.2.9 + (fix for OSA-2013-05, CVE-2013-4717, CVE-2013-4718) + http://otrs.org/advisory/ + * Bug#9561 - ACL restriction with CustomerID for DynamicFields at + new Ticket screen not working. + * Bug#8728 - Problem loading otrs-initial_insert.oracle.sql. + * Bug#9481 - Possible to select invalid services in SLA admin screen. + * Bug#9539 - Cannot send notification to a group of customers. + * Bug#8273 - Copying text in preview mode not possible. + * Bug#9557 - Cannot see quoted text in customer ticket zoom. + * Bug#9011 - GenericInterface: New value after value mapping can't be 0. + * Improved parameter quoting in various places. + * Bug#9104 - Group permission for customer subset overwrites + permissions for other customers. + * Bug#9434 - Activities are not translated. + * Bug#9261 - Ticket Inbound changes FROM in view. + * Bug#9540 - AgentTicketOwner doesn't activate PreviousOwner if new + owner is selected. + * Bug#9365 - AgentLinkObject screen does not provide a search + restriction for ticket type. + * Bug#9533 - Delete Inactive Process button not aligned. + * Bug#9504 - wrong status after answer via customer portal. + * Bug#9425 - Wrong created date for queue view. + * Follow-up fix for bug#[8880] - No inline image shown if HTML + email contains 'base' tag. + * Bug#8112 - Display issue in FROM column of AgentTicketZoom with + some agent names. + * Bug#9524 - Uninitialized value after step2 in TicketAccountedTime + stats. + * Bug#9511 - ProcessManagement: No SLA verification after Service + update. + * Bug#9513 - Frontend::ToolBarModule###11-CICSearchCustomerUser + does not use settings of Frontend::Agent::CustomerSearch. + * Bug#8719 - PasswordMin2Lower2UpperCharacters problem. +- update OTRS::ITSM to 3.2.7 + (fix for OSA-2013-05, CVE-2013-4717, CVE-2013-4718) +- fix spec + +------------------------------------------------------------------- +Tue Jun 18 22:22:50 UTC 2013 - ch...@computersalat.de + +- Update to 3.2.8: 2013-06-18 + (fix for OSA-2013-04, CVE-2013-4088) + * bug#9464 - Unique email address only checked during CustomerUserAdd, not + during Update. + * bug#9497 - AgentTicketSearch logs a Uninitialized error message in Oracle. + * bug#9451 - Possible to select invalid autoresponses for queues. + * bug#9516 - Field names for account signups in some languages are broken. + * bug#9501 - Missing values in GenericAgent ticket list for tickets without + articles. + * bug#9447 - Empty line at PDF search result with process tickets (0 article). + * bug#9409 - If HTTP_USER_AGENT isn't set, error on Layout.pm. + * bug#9454 - Use of uninitialized value error in AgentTicketForward.pm, undef + Next ticket state. + * bug#9493 - Use of uninitialized value error in AgentTicketPhone.pm on Ticket + Split action. + * bug#9503 - no connection header in soap responses. + * Improved permission checks in AgentTicketWatcher. + * bug#7143 - "SFTP." gets rewritten to "Shttp://FTP." + * bug#9488 - Use of uninitialized value at OutofOffice setting in + AgentPreferences. + * bug#9479 - ProcessManagement: Article and CustomerID should not be Hidden. + * bug#9491 - GenericAgent job update with dynamic fields sends Uninitialized + value error. + * bug#9456 - Empty 'Dropdown' dynamic field value of GenericAgent job wont get + used and stored. + * Follow-up fix for bug#9245 - Added translatable titles for transition + buttons. + * Updated Russian translation, thanks to Alexey Gluhov! + * bug#9245 - Improve user interaction on transitions. + * bug#9284 - Improve user experience of accordion widget. + * bug#9105 - Opening reply view crashes browsers on iPad 3. + * Fixed caching key and inquiry of dynamic field value in HistoryTicketGet + function (TE). + * Added a new parameter to disable default sorting of statistics. + * Added '-a reinstall-all' feature to bin/otrs.PackageManager.pl. + * bug#9476 - AgentTicketZoom: translation of "split" into german language. + * bug#9459 - Creating a new transition action coming from the transition path + view produces errors. + * bug#9458 - Double click on Transition opens error message. + * bug#9241 - Article ignored in article search index if body is almost empty. + The StaticDB fulltext search backend is now fully configurable. + * bug#9462 - Package Management page timeout due to HTTPS disabled on Proxy + connections. + * bug#9408 - A value of Dest inputed in CustomerTicketMessage isn't validated. + * bug#9418 - Incorrect decoding email subject and From token. + * bug#9448 - AgentTicketPhoneInbound/Outbound inserts Agent's personal email + address into article "from". + * bug#9445 - ProcessManagement: Error Message: Need ServiceID or Name!. + * bug#9439 - ProcessManagement: Customer field value is not remembered after + server error is detected. +- Update to 3.2.7: 2013-05-21 + * Updated Package Manager, that will ensure that packages to be installed + meet the quality standards of OTRS Group. This is to guarantee that your + package wasn’t modified, which may possibly harm your system or have an + influence on the stability and performance of it. All independent package + contributors will have to conduct a check of their Add-Ons by OTRS Group + in order to take full advantage of the OTRS package verification. + * bug#9387 - Error in a condition with dynamic fields in NotificationEvent. + * bug#9286 - Ticket::ChangeOwnerToEveryone isn't functional, After a AJAX + Load the setting is ignored. + * bug#7518 - Escalation Notify by not working properly (follow-up fix). + * bug#9410 - SessionID isn't added to URL when using ajax customer search + without cookies active. + * bug#9419 - Process Management: List of available dialog fields lists + Responsible even if feature is inactive. + * bug#9246 - ProcessManagement: TranstionAction error messages not sufficient + enough. + * bug#9345 - OTRS exceeds 998 character limit in References Line of E-Mail + Header. + * bug#7478 - Got an external answer to an internal mail. + * Improved permission checks in AgentTicketPhone. + * bug#9360 - DynamicField Names shown in CSV output. + * bug#8880 - No inline image shown if HTML email contains 'base' tag. + * bug#9374 - Add more functions to rich text editor. + * Fixed postmaster filter edit screen layout. + * bug#9358 - Date/Time DynamicFields are broken in CustomerInterface. + * bug#9384 - Problem with Method ServiceParentsGet of ServiceObject. + * bug#9371 - UserSalutation field in LDAP.pm fix. + * bug#8997 - Owner warnings translatable. + * bug#9375 - Extra colon at the end of recipient lists in forwarded message. + * Updated Polish translation file, thanks to ib.pl! + * bug#9040 - CustomerTicketPrint crashes when no attributes are configured to + be printed. + * Added UnitTest for case sensivity parameter of customer databases + * bug#9362 - cannot redirect to external url containing & caracter. + * bug#7856 - Statistics only use non archived tickets. + * bug#9072 - Reply to email-internal includes customer users email in Cc. + field. + * bug#9349 - SQL warnings on Oracle DB if more than 4k characters are sent + to the database. + * bug#9353 - Customer Ticket Zoom shows owner login name instead of full name. + * bug#8599 - Problem with "[]" characters in name of attachment file. +- Update ITSM to 3.2.6 + * Bug#9351 - Wrong LastScreenOverview in AgentITSMConfigItemSearch + * Bug#9352 - Missing LastScreenOverview in AgentITSMConfigItem (OverviewSmall) + * Bug#8961 - Get impact list in AgentTicketPhone before obtain SplitTicketParam. + * remove packages30 support + - update ITSM to 3.2.5 + (fix for OSA-2013-03, CVE-2013-3551) + - update ITSM to 3.2.4 + (fix for OSA-2013-02, CVE-2013-2637) + - update ITSM to 3.2.3 + (fix for OSA-2013-01, CVE-2013-2625) +- rebase perm.patch +- fix permission + * on DBUpdate otrs needs write acces to Kernel/Config/Files + attr(2775,wwwrun,www) dir {otrs_root}/{name}/Kernel/Config/Files + +------------------------------------------------------------------- +Thu May 9 20:28:02 UTC 2013 - alexan...@exatati.com.br + +- Update to 3.2.6: + - Bug#9310 - AgentTicketProcess has the same shortkey "o" as + AgentTicketQueue. + - Bug#9280 - Database upgrade procedure problems when upgrading + database to 3.2 that has been upgraded from 2.4 previously. + - Bug#9264 - Dynamic ticket text fields are displayed with value + "1" if enabled and displayed by default in ticket search screen. + - Bug#8960 - AgentTicketSearch.pm SearchProfile problem. + - Bug#9328 - Notification event does not work on process ticket. + - Fixed broken process import. + - Follow-up for bug#9215 - Process import always creates new + process. The overwrite optionwas removed again because of + logical problems. + - Added parameter "-t dbonly" to backup.pl to only backup the + database (if files are backed up otherwise). + - Bug#9302 - Process Management: Misleading description for + activities without dialogs. + - Bug#9182 - Customer Search Function -> If you go into a ticket + and go back you got not the search results. + - Bug#9297 - Customer information widget losing data. + - Bug#9244 - Process Management: Transitions on Activities does + not scale well. + - Bug#9287 - Process Management: strange placement of target point + for new transitions. + - Bug#9294 - Process Management: Activity hover window not + displayed properly if activity is very close to bottom canvas + border. + - Bug#9314 - Process Management: Unexpected redirection after + creating a new process. + - Bug#9312 - LinkObject permission check problem. + +------------------------------------------------------------------- +Wed Apr 10 13:09:04 UTC 2013 - alexan...@exatati.com.br + +- Update to 3.2.5: + (fix for OSA-2013-03, CVE-2013-3551) + * Bug#9313 - No such file or directory in otrs.SetPermission.pl. + * Bug#9306 - Auto Response fails when ticket is created from + Customer Interface and last name contains a comma. + * Bug#9308 - Impossible to create a new stats report with absolute + period. + * Bug#9307 - Packages not compatible with 3.2.4 listed as available ++++ 45 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/otrs/otrs.changes ++++ and /work/SRC/openSUSE:Factory/.otrs.new/otrs.changes Old: ---- itsm-3.2.2.tar.bz2 otrs-3.2.3.tar.bz2 New: ---- itsm-3.2.7.tar.bz2 otrs-3.2.9.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ otrs.spec ++++++ --- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200 @@ -16,12 +16,12 @@ # -%define otrs_ver 3.2.3 -%define itsm_ver 3.2.2 +%define otrs_ver 3.2.9 +%define itsm_ver 3.2.7 %define itsm_min 3.2 %define otrs_root /srv -%define otrsdoc_dir_files CHANGES COPYING* CREDITS README* UPGRADING.SuSE doc -%define otrsdocs CHANGES doc +%define otrsdoc_dir_files CHANGES* COPYING* CREDITS README* UPGRADING.SuSE doc +%define otrsdocs CHANGES* doc Name: otrs Summary: The Open Ticket Request System @@ -189,7 +189,8 @@ do %__mv $file var/cron/`basename $file .dist` done -%__rm INSTALL{.md,.RedHat,.SuSE} +%__rm INSTALL.md +#%__rm INSTALL{.md,.RedHat,.SuSE} #%__mv INSTALL.SuSE INSTALL %install @@ -342,7 +343,7 @@ ############### ## {root,www} ############### -%defattr(0750,root,www,0755) +%defattr(0770,root,www,0775) # bin %{otrs_root}/%{name}/bin #exclude %{otrs_root}/%{name}/bin/%{name}.DeleteSessionIDs.pl @@ -404,15 +405,15 @@ # var/{packages,spool} %{otrs_root}/%{name}/var/packages -%dir %{otrs_root}/%{name}/var/spool +#%dir %{otrs_root}/%{name}/var/spool # var/{article,log,tmp} #defattr(0644,%{name},www,2775) -%dir %{otrs_root}/%{name}/var/article +#%dir %{otrs_root}/%{name}/var/article %ghost %config(noreplace) %attr(660,%{name},www) %{otrs_root}/%{name}/var/log/TicketCounter.log -%defattr(0644,%{name},www,2775) -%dir %{otrs_root}/%{name}/var/tmp +#%defattr(0644,%{name},www,2775) +#%dir %{otrs_root}/%{name}/var/tmp %defattr(0660,%{name},www,2775) %dir %{otrs_root}/%{name}/var/log @@ -437,7 +438,7 @@ %{otrs_root}/%{name}/var/httpd/htdocs # var/{session,stats} -%dir %{otrs_root}/%{name}/var/sessions +#%dir %{otrs_root}/%{name}/var/sessions %dir %{otrs_root}/%{name}/var/stats %{otrs_root}/%{name}/var/stats/* @@ -455,7 +456,8 @@ %{otrs_root}/%{name}/Kernel/Config/Defaults.pm %config(noreplace) %{otrs_root}/%{name}/Kernel/Config/GenericAgent.pm %{otrs_root}/%{name}/Kernel/Config/GenericAgent.pm.* -%dir %{otrs_root}/%{name}/Kernel/Config/Files +# as otrs user: perl scripts/DBUpdate-to-3.2.pl needs +%attr(2775,wwwrun,www) %dir %{otrs_root}/%{name}/Kernel/Config/Files #{otrs_root}/%{name}/Kernel/Config/Files/Deprecated.xml %{otrs_root}/%{name}/Kernel/Config/Files/Framework.xml %{otrs_root}/%{name}/Kernel/Config/Files/GenericInterface.xml @@ -490,7 +492,8 @@ %doc COPYING* %doc README.itsm* %doc itsm-%{itsm_ver}/INSTALL-%{itsm_min}.ITSM +%defattr(0644,wwwrun,www,0755) %{otrs_root}/%{name}/itsm -%config %attr(0644,wwwrun,www) %{otrs_root}/%{name}/Kernel/Config/Files/ZZZAuto.pm +%config %attr(0664,wwwrun,www) %{otrs_root}/%{name}/Kernel/Config/Files/ZZZAuto.pm %changelog ++++++ UPGRADING.SuSE ++++++ --- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200 @@ -9,7 +9,7 @@ # did not receive this file, see http://www.gnu.org/licenses/agpl.txt. # -- -These instructions are for people upgrading OTRS from "3.0" to "3.1", +These instructions are for people upgrading OTRS "3.1" to "3.2", and applies both for RPM and source code (tarball) upgrades. If you are running a lower version of OTRS you have to follow the upgrade path @@ -19,15 +19,7 @@ take an extra step; please read http://bugs.otrs.org/show_bug.cgi?id=6798 If you need to do a "patch level upgrade", which is an upgrade for instance -from OTRS version 3.1.1 to 3.1.3, you should skip steps 8, 10 and 12-19. - -Please note that for upgrades from 3.1.beta1 or 3.1.beta2, an additional step 20 -is needed! - -If you are using Microsoft SQL Server as the DBMS for OTRS, please refer -to the manual, chapter "Upgrading Microsoft SQL Server Data Types" for instructions -how to upgrade the data types used by OTRS -(http://doc.otrs.org/3.1/en/html/upgrading-mssql-datatypes.html). +from OTRS version 3.2.1 to 3.2.3, you should skip steps 7, 8, 10 and 12-19. 1) Stop all relevant services @@ -96,6 +88,22 @@ ===================== MySQL: + + Note: new tables created in the MySQL UPGRADING process will be created with the + default table storage engine set in your MySQL server. + In MySQL 5.5 the new default type is InnoDB. + If existing tables, e.g. "users", have the table storage engine e.g. MyISAM, + then an error will be displayed when creating the foreign key constraints. + + You have two options: you can change the default storage engine of MySQL back to MyISAM + so that new tables will have the same engine as the existing tables, + or change the existing tables to use InnoDB as storage engine. + + Any problems with regards to the storage engine will be reported by the + `otrs.CheckDB.pl` script, so please run it to check for possible issues. + + shell> bin/otrs.CheckDB.pl + shell> cat scripts/DBUpdate-to-3.1.mysql.sql | mysql -p -f -u root otrs PostgreSQL 8.2+: @@ -115,6 +123,8 @@ DATABASE MIGRATION SCRIPT ========================= + Run the migration script (as user `otrs`, NOT as `root`): + shell> scripts/DBUpdate-to-3.1.pl Do not continue the upgrading process if this script did not work properly ++++++ ZZZAuto.pm ++++++ --- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200 @@ -9,10 +9,8 @@ $Self->{'DefaultLanguage'} = 'de'; $Self->{'LogModule'} = 'Kernel::System::Log::File'; $Self->{'Package::RepositoryList'} = { - 'file://@OTRS_ROOT@/otrs/itsm/packages30/' => '[--OTRS::ITSM 3.0 local repo]', 'file://@OTRS_ROOT@/otrs/itsm/packages31/' => '[--OTRS::ITSM 3.1 local repo]', 'file://@OTRS_ROOT@/otrs/itsm/packages32/' => '[--OTRS::ITSM 3.2 local repo]', - 'http://ftp.otrs.org/pub/otrs/itsm/packages30/' => '[--OTRS::ITSM 3.0 Master--] http://ftp.otrs.org/', 'http://ftp.otrs.org/pub/otrs/itsm/packages31/' => '[--OTRS::ITSM 3.1 Master--] http://ftp.otrs.org/', 'http://ftp.otrs.org/pub/otrs/itsm/packages32/' => '[--OTRS::ITSM 3.2 Master--] http://ftp.otrs.org/' }; ++++++ itsm-3.2.2.tar.bz2 -> itsm-3.2.7.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/otrs/itsm-3.2.2.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new/itsm-3.2.7.tar.bz2 differ: char 11, line 1 ++++++ otrs-3.2.3.tar.bz2 -> otrs-3.2.9.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/otrs/otrs-3.2.3.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new/otrs-3.2.9.tar.bz2 differ: char 11, line 1 ++++++ otrs-httpd_conf.patch ++++++ --- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200 @@ -74,7 +74,7 @@ <IfModule mod_headers.c> - <Directory "/opt/otrs/var/httpd/htdocs/skins/*/*/css-cache"> -+ <Directory "@OTRS_ROOT@/otrs/var/httpd/htdocs/skins/*/*/css-cache" ++ <Directory "@OTRS_ROOT@/otrs/var/httpd/htdocs/skins/*/*/css-cache"> <FilesMatch "\.(css|CSS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" </FilesMatch> ++++++ otrs-perm.patch ++++++ --- /var/tmp/diff_new_pack.lKhCtW/_old 2013-08-02 07:07:52.000000000 +0200 +++ /var/tmp/diff_new_pack.lKhCtW/_new 2013-08-02 07:07:52.000000000 +0200 @@ -1,8 +1,8 @@ Index: Kernel/System/Package.pm =================================================================== ---- Kernel/System/Package.pm +--- Kernel/System/Package.pm.orig +++ Kernel/System/Package.pm -@@ -2792,7 +2792,7 @@ sub _FileSystemCheck { +@@ -2966,7 +2966,7 @@ sub _FileSystemCheck { } # create test files in following directories -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org