[ReviewBoard] New upstream release 1.7.12

Stephen Gallagher sgallagh at fedoraproject.org
Mon Jul 29 12:58:44 UTC 2013 

commit 0f8bef55d61025a25b042b9a3b029d3930070694
Author: Stephen Gallagher <sgallagh at redhat.com>
Date:   Mon Jul 29 08:57:51 2013 -0400

    New upstream release 1.7.12
    
    - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.12/
    - Security Fixes:
        * Function names in diff headers are no longer rendered as HTML.
        * If a user’s full name contained HTML, the Submitters list would render it
          as HTML, without escaping it. This was an XSS vulnerability.
        * The default Apache configuration is now more strict with how it serves up
          file attachments. This does not apply to existing installations. See
          http://support.beanbaginc.com/support/solutions/articles/110173-securing-file-attachments
          for details.
        * Uploaded files are now renamed to include a hash, preventing users from
          uploading malicious filenames, and making filenames unguessable.
        * Recaptcha support has been updated to use the new URLs provided by
          Google.
    - New Features:
        * Added a X-ReviewRequest-Repository header for e-mails.
    - Extension Improvements:
        * Extensions can now specify their list of app directories.
        * Extensions can now specify the author’s URL.
        * Improved the look and feel for extension configuration.
        * Improved the functionality for extension configuration.
        * Improved the list of available extensions.
    - Bug Fixes:
        * Fixed the “Show Whitespace Changes” toggle.
        * Fixed compatibility with modern versions of django-storages.
        * Draft comments on file attachments are no longer shown to all users.
        * Fixed issues with console windows appearing when invoking Clear Case
          requests on Python 2.7.x and Windows 7.
        * Review requests on Local Sites are now guaranteed to have the proper ID.
        * Fixed starring review requests on Local Sites.

 ReviewBoard.spec |   40 +++++++++++++++++++++++++++++++++++++---
 1 files changed, 37 insertions(+), 3 deletions(-)
---
diff --git a/ReviewBoard.spec b/ReviewBoard.spec
index 2eed325..9f11811 100644
--- a/ReviewBoard.spec
+++ b/ReviewBoard.spec
@@ -1,7 +1,9 @@
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 
+%global djblets_version 0.7.16
+
 Name:           ReviewBoard
-Version:        1.7.11
+Version:        1.7.12
 Release:        1%{?dist}
 Summary:        Web-based code review tool
 Group:          Applications/Internet
@@ -12,7 +14,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch:      noarch
 BuildRequires:  python-devel
 BuildRequires:  python-setuptools
-BuildRequires:  python-djblets >= 0.7.15
+BuildRequires:  python-djblets >= %{djblets_version}
 BuildRequires:  python-django-pipeline >= 1.2.24
 BuildRequires:  python-mimeparse
 BuildRequires:  python-sphinx
@@ -28,7 +30,7 @@ BuildRequires:  python-markdown >= 2.2.1
 BuildRequires:  python-docutils
 BuildRequires:  python-slimit
 
-Requires:       python-djblets >= 0.7.15
+Requires:       python-djblets >= %{djblets_version}
 Requires:       python-imaging
 Requires:       httpd
 Requires:       mod_wsgi
@@ -126,6 +128,38 @@ rm -rf $RPM_BUILD_ROOT
 %{python_sitelib}/webtests/*.py*
 
 %changelog
+* Mon Jul 29 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.12-1
+- New upstream release 1.7.12
+- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.12/
+- Security Fixes:
+    * Function names in diff headers are no longer rendered as HTML.
+    * If a user’s full name contained HTML, the Submitters list would render it
+      as HTML, without escaping it. This was an XSS vulnerability.
+    * The default Apache configuration is now more strict with how it serves up
+      file attachments. This does not apply to existing installations. See
+      http://support.beanbaginc.com/support/solutions/articles/110173-securing-file-attachments
+      for details.
+    * Uploaded files are now renamed to include a hash, preventing users from
+      uploading malicious filenames, and making filenames unguessable.
+    * Recaptcha support has been updated to use the new URLs provided by
+      Google.
+- New Features:
+    * Added a X-ReviewRequest-Repository header for e-mails.
+- Extension Improvements:
+    * Extensions can now specify their list of app directories.
+    * Extensions can now specify the author’s URL.
+    * Improved the look and feel for extension configuration.
+    * Improved the functionality for extension configuration.
+    * Improved the list of available extensions.
+- Bug Fixes:
+    * Fixed the “Show Whitespace Changes” toggle.
+    * Fixed compatibility with modern versions of django-storages.
+    * Draft comments on file attachments are no longer shown to all users.
+    * Fixed issues with console windows appearing when invoking Clear Case
+      requests on Python 2.7.x and Windows 7.
+    * Review requests on Local Sites are now guaranteed to have the proper ID.
+    * Fixed starring review requests on Local Sites.
+
 * Thu Jun 27 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.11-1
 - New upstream release 1.7.11
 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.11/

More information about the scm-commits mailing list