Show More
@@ -0,0 +1,66 b'' | |||
|
1 | |RCE| 4.9.0 |RNS| | |
|
2 | ----------------- | |
|
3 | ||
|
4 | Release Date | |
|
5 | ^^^^^^^^^^^^ | |
|
6 | ||
|
7 | - 2017-08-12 | |
|
8 | ||
|
9 | ||
|
10 | New Features | |
|
11 | ^^^^^^^^^^^^ | |
|
12 | ||
|
13 | ||
|
14 | ||
|
15 | General | |
|
16 | ^^^^^^^ | |
|
17 | ||
|
18 | - Off cycle Minor release to fix SCM vulnerabilities. | |
|
19 | ||
|
20 | ||
|
21 | Security | |
|
22 | ^^^^^^^^ | |
|
23 | ||
|
24 | - security(critical): Bumped GIT to 2.9.5 fixes CVE-2017-1000117 | |
|
25 | https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1466490.html | |
|
26 | - security(critical): Bumped SVN to 1.9.7 fixes CVE-2017-9800 | |
|
27 | https://subversion.apache.org/security/CVE-2017-9800-advisory.txt | |
|
28 | - security(critical): Bumped Mercurial to 4.2.3 fixes CVE-2017-1000116 | |
|
29 | https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 | |
|
30 | ||
|
31 | ||
|
32 | Performance | |
|
33 | ^^^^^^^^^^^ | |
|
34 | ||
|
35 | - Fixed Mercurial Stream support for very large repositories. Due to discovered | |
|
36 | bug in WebOb library we manage to fix Mercurial stream support. | |
|
37 | Now cloning very large repos e.g 100GB, ~1mln commits should be much | |
|
38 | faster, and use less memory. | |
|
39 | ||
|
40 | ||
|
41 | Fixes | |
|
42 | ^^^^^ | |
|
43 | ||
|
44 | - Fixed problem with default-reviewers in EE package that was missing panel | |
|
45 | title and in some occasions generate 500 errors. | |
|
46 | - Fixed problem with potential URL generation inside our integration. | |
|
47 | This was introduced during pyramid porting. We know ensure that proper | |
|
48 | routing generation is done on all events. | |
|
49 | ||
|
50 | ||
|
51 | Upgrade notes | |
|
52 | ^^^^^^^^^^^^^ | |
|
53 | ||
|
54 | ||
|
55 | - The 4.9.0 release is an off-cycle release. Due to the fact that we needed to | |
|
56 | bump Mercurial from 4.1.X to 4.2.X, and Subversion from 1.9.4 to 1.9.7, we | |
|
57 | released this version not as 4.8.1 security bug fix but 4.9.0. | |
|
58 | We know historically that SVN and Mercurial can have internal api changes. | |
|
59 | We tested basic functionality for all 3 vcs-es but due to very short release | |
|
60 | time we were unable to test everything. Please report any found problems to us | |
|
61 | and we'll for sure address them. | |
|
62 | ||
|
63 | Note to SVN users: Please make sure to upgrade mod_dav to 1.9.7 version. | |
|
64 | At this time we know Wandisco provides 1.9.7 packages for most major distros. | |
|
65 | ||
|
66 |
General Comments 0
You need to be logged in to leave comments.
Login now