RT: Request Tracker

This version has reached its end of life and is out of support. Please contact us for upgrade assistance.

RT 4.0.6 Release Notes

RT 4.0.6 contains important security fixes, in addition to bugfixes.


SHA1 sums

f5c0dd16da21f0af8e9c093057aa58cbab08d06b  rt-4.0.6.tar.gz
1f862bbb1b335cd036d1c32c10d80f26e4ce99a1  rt-4.0.6.tar.gz.sig

This release, in addition to being a bugfix release, also resolves a
number of security vulnerabilities.  It resolves CVE-2011-2082,
CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458,
CVE-2011-4459, and CVE-2011-4460.

 * Remove CSS3PIE, which simply added rounded corners on IE7 and IE8, as
   it was causing numerous crashes of IE.
 * Show the current status in the status dropdown during ticket update,
   to allow forced setting of the status.  This functionality was
   available in RT 3.8, and is now being reinstated.
 * Use SearchBuilder queue limits to restrict what statuses and owners
   are displayed in drop-downs.
 * Make "New Ticket" a top-level SelfService menu item.
 * Display Lifecycle column correctly in queue admin lists.
 * Allow >64k attributes on MySQL; this is particularly useful for
   logos uploaded via the theming editor.
 * Remove two dependencies from the RT mailgate.
 * Adding new arbitrary links to tickets now works as expected in the
   REST interface.
 * Subject: lines in Forward Ticket templates are now respected.
 * Sort ticket link numbers numerically, not alphabetically.
 * Ticket reminders are no longer copied when creating a linked ticket;
   article and http:// links now are, however.
 * Use relative links (with no hostname) more consistently.
 * Correctly deal with non-ASCII attachment filenames which make use of
   MIME parameter value continuations.
 * Find queue-level CFs first in REST interface when there are
   duplicates by name.
 * Fix graphing of searches which reference Updated and other
   transaction-based limits.
 * Reminder statuses on open and resolve are now configurable
 * Fix quoting of CF names containing dashes and the like in the
 * Bump URI dependency to ensure utf8 URLs are correclty generated in
   Dashboard emails.
 * Permit <bdo> and language attributes when scrubbing HTML.

A complete changelog is available from git by running:
  git log rt-4.0.5..rt-4.0.6