diff options
author | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
commit | c24d6e2242ae0e026684b8f95decf156aba6e75e (patch) | |
tree | 8597d00e2e6bf2cf400437b9344f43b1500da412 /rt/docs | |
parent | 6686c29104e555ea23446fe1db330664fa110bc0 (diff) |
rt 4.0.6
Diffstat (limited to 'rt/docs')
-rw-r--r-- | rt/docs/UPGRADING-4.0 | 23 | ||||
-rw-r--r-- | rt/docs/hacking.pod | 10 | ||||
-rw-r--r-- | rt/docs/security.pod | 15 | ||||
-rw-r--r-- | rt/docs/web_deployment.pod | 13 |
4 files changed, 56 insertions, 5 deletions
diff --git a/rt/docs/UPGRADING-4.0 b/rt/docs/UPGRADING-4.0 index a9301348e..4b64d2e72 100644 --- a/rt/docs/UPGRADING-4.0 +++ b/rt/docs/UPGRADING-4.0 @@ -106,3 +106,26 @@ with database level. ******* + +UPGRADING FROM 4.0.5 and earlier - Changes: + +The fix for an attribute truncation bug on MySQL requires a small ALTER TABLE. +Be sure you run `make upgrade-database` to apply this change automatically. +The bug primarily manifested when uploading large logos in the theme editor on +MySQL. Refer to etc/upgrade/4.0.6/schema.mysql for the actual ALTER TABLE that +will be run. + +******* +The web-based query builder now uses Queue limits to restrict the set of +displayed statuses and owners. As part of this change, the %cfqueues +parameter was renamed to %Queues; if you have local modifications to any +of the following Mason templates, this feature will not function +correctly: + + share/html/Elements/SelectOwner + share/html/Elements/SelectStatus + share/html/Prefs/Search.html + share/html/Search/Build.html + share/html/Search/Elements/BuildFormatString + share/html/Search/Elements/PickCFs + share/html/Search/Elements/PickCriteria diff --git a/rt/docs/hacking.pod b/rt/docs/hacking.pod index 8aa84fd01..396c5623d 100644 --- a/rt/docs/hacking.pod +++ b/rt/docs/hacking.pod @@ -186,11 +186,11 @@ which will be significantly faster: make test-parallel -The C<*-trunk> and C<master> branches are expected to be passing always -be passing all tests. While it is acceptable to break tests in an -intermediate commit, a branch which does not pass tests will not be -merged. Ideally, commits which fix a bug should also include a testcase -which fails before the fix and succeeds after. +The C<*-trunk> and C<master> branches are expected to always be passing +all tests. While it is acceptable to break tests in an intermediate +commit, a branch which does not pass tests will not be merged. Ideally, +commits which fix a bug should also include a testcase which fails +before the fix and succeeds after. diff --git a/rt/docs/security.pod b/rt/docs/security.pod index b8650e05d..620f8687c 100644 --- a/rt/docs/security.pod +++ b/rt/docs/security.pod @@ -9,6 +9,21 @@ key). More information is available at L<http://bestpractical.com/security/>. + +=head2 RT's security process + +After a security vulnerability is reported to Best Practical and +verified, we attempt to resolve it in as timely a fashion as possible. +Best Practical support customers will be notified before we disclose the +information to the public. All security announcements will be sent to +C<rt-announce@bestpractical.com>, which includes +C<rt-users@bestpractical.com> and C<rt-devel@bestpractical.com>. + +As the tests for security vulnerabilities are often nearly identical to +working exploits, sensitive tests will be embargoed for a period of six +months before being added to the public RT repository. + + =head2 Security tips for running RT =over diff --git a/rt/docs/web_deployment.pod b/rt/docs/web_deployment.pod index 65065c5cd..4c3f73fb5 100644 --- a/rt/docs/web_deployment.pod +++ b/rt/docs/web_deployment.pod @@ -67,6 +67,19 @@ spontaneously logged in as other users in the system. =head3 mod_fcgid +B<WARNING>: Before mod_fcgid 2.3.6, the maximum request size was 1GB. +Starting in 2.3.6, this is now 128Kb. This is unlikely to be large +enough for any RT install that handles attachments. You can read more +about FcgidMaxRequestLen at +L<http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html#fcgidmaxrequestlen> + +Most distributions will have a mod_fcgid.conf or similar file with +mod_fcgid configurations and you should add: + + FcgidMaxRequestLen 1073741824 + +to return to the old default. + <VirtualHost rt.example.com> ### Optional apache logs for RT # Ensure that your log rotation scripts know about these files |