[QA-Team] Plone 4.2.3 soft-released
Eric Steele
ericsteele47 at gmail.com
Fri Dec 28 03:10:59 UTC 2012
http://dist.plone.org/release/4.2.3/versions.cfg has been moved to final and pushed to the installers team.
Eric
On Tuesday, December 18, 2012 at 2:57 PM, Eric Steele wrote:
> Plone 4.2.3 is soft-released at http://dist.plone.org/release/4.2.3-pending/versions.cfg. I'll push it out to the installers late Wednesday if no issues are found before then.
>
> Eric
>
>
>
> plone.recipe.zope2instance: 4.2.5 → 4.2.6
> -----------------------------------------
>
> - Use interpreter script instead of setting PYTHONPATH. Fixes Windows
> "the environment variable is longer than 32767 bytes" error.
> [rossp]
> - Make the zope.conf http-server optional by setting http-address to
> an empty string. Useful for configurations used under an external
> server such as a WSGI deployment.
> [rossp]
>
> Plone: 4.2.2 → 4.2.3
> --------------------
>
> - Release Plone 4.2.3
> [esteele]
>
> Products.ATContentTypes: 2.1.9 → 2.1.10
> ---------------------------------------
>
> - change string ownership to creators as it makes more sense
> refs https://dev.plone.org/ticket/8725
> [maartenkling]
> - Make sure ATTopic.queryCatalog cannot be published. This fixes
> https://plone.org/products/plone/security/advisories/20121106/14
> [davisagli]
>
> Products.Archetypes: 1.8.4 → 1.8.6
> ----------------------------------
>
> - Add missing security declarations on the UIDResolver class.
> https://plone.org/products/plone/security/advisories/20121106/08
> [davisagli]
> - Sanitize input to go_back script. This fixes
> https://plone.org/products/plone/security/advisories/20121106/11
> [davisagli]
> - Disallow downloading files via the at_download script if the user does not
> have the field's read_permission. This addresses a security vulnerability
> discussed at http://plone.org/products/plone/security/advisories/20121106/17
> [davisagli]
> - Add minute_step to CalendarWidget so we can define another minute step than
> hardcoded 5 for now
> [gbastien]
> - If form tabbing is allowed, make sure we can still track the current fieldset
> if form submission returns to the edit form.
> [davisagli]
> - Fix inline validation for items in the portal_factory.
> [davisagli]
> - Change used event to update metadata during copy&paste fixes #13326 and makes
> 1.8.5 compatible with LinguaPlone again.
> [do3cc]
>
> Products.CMFPlacefulWorkflow: 1.5.8 → 1.5.9
> -------------------------------------------
>
> - Fixed handling of "update security" option.
> [ericof]
>
> Products.CMFPlone: 4.2.2 → 4.2.3
> --------------------------------
>
> Products.PasswordResetTool: 2.0.9 → 2.0.10
> ------------------------------------------
>
> - Use system random when available. This is part of the fix for
> https://plone.org/products/plone/security/advisories/20121106/24
> [davisagli]
> - registered_notify_template.pt: show login name instead of user id.
> Normally this is the same, but this is not necessarily true when
> using the email address as login name.
> [maurits]
>
> Products.PloneLanguageTool: 3.2.5 → 3.2.6
> -----------------------------------------
>
> - Do not try to get content language for resources that are not
> content. Fixes http://dev.plone.org/plone/ticket/11263
> [keul]
>
> Products.PlonePAS: 4.0.13 → 4.0.14
> ----------------------------------
>
> - Fix saving, getting and deleting the user portrait for non-standard
> user ids like 'bob-jones' or 'bob-jones+test at example.org (mailto:bob-jones+test at example.org)'.
> [maurits]
> - Fix the test for the current password if the user id differs from
> the login name.
> [maurits]
> - PEP8 Cleanup
> [pbdiode]
>
> Products.PortalTransforms: 2.1.1 → 2.1.2
> ----------------------------------------
>
> - Adjust safe_html transform to block various XSS vulnerabilities. This fixes
> https://plone.org/products/plone/security/advisories/20121106/18
> [davisagli]
>
> Products.ResourceRegistries: 2.2.3 → 2.2.4
> ------------------------------------------
>
> - Add some space between up/down and remove links in ZMI
> [maartenking]
>
> Products.TinyMCE: 1.2.13 → 1.2.14
> ---------------------------------
>
> - Escape double quote to so images preview keeps working when having quote
> in tilte
> [maartenkling]
> - Declare dependency on zope.app.component.
> [maurits]
>
> Products.kupu: 1.5 → 1.5.1
> --------------------------
>
> archetypes.referencebrowserwidget: 2.4.13 → 2.4.15
> --------------------------------------------------
>
> - Make new added references sortable with already existing ones
> while editing a content. Fixes http://dev.plone.org/plone/ticket/13271
> [gbastien]
> - Use HTML5 placeholder attribute on search box. Replaces deprecated
> inputLabel class.
> [danjacka]
> - Use normalizeString to create class names for an item's portal type
> and review state. Fixes http://dev.plone.org/plone/ticket/11400.
> [danjacka]
> - don't let search fail on broken catalog
> [tomgross]
>
> diazo: 1.0.2 → 1.0.3
> --------------------
>
> kss.core: 1.6.4 → 1.6.5
> -----------------------
>
> - Make sure the DevelView can't be traversed improperly. This fixes
> https://plone.org/products/plone/security/advisories/20121106/06
> [davisagli]
> - Use type instead of makeClass for Zope 4 compatibility.
> [elro]
>
> plone.app.blob: 1.5.4 → 1.5.5
> -----------------------------
>
> - Added adapter for data wrapped in xmlrpclib.Binary
> https://github.com/plone/plone.app.blob/pull/1
> [aclark, garbas]
> - Fix BLOB migration when LinguaPlone is installed.
> [rpatterson]
>
> plone.app.collection: 1.0.6 → 1.0.7
> -----------------------------------
>
> - Check if item isPrincipiaFolderish instead of the hardcoded portal_type
> Folder when searching for images
> [ichimdav]
> - Fix thumbnail_view so it works with any portal_atct image types not just
> with Image and News Items
> [ichimdav]
> - properly show dates on tabular view, fixes #12907
> [maartenkling]
>
> plone.app.contentmenu: 2.0.6 → 2.0.7
> ------------------------------------
>
> - add prefix to id tag for display menu dropdown items, fixes #11927 and #10894
> [maartenkling]
>
> plone.app.contentlisting: 1.0.2 → 1.0.3
> ---------------------------------------
>
> - Whoever heard I liked batching was wrong. The Catalog results are
> already batched, so don't batch them again.
> [lentinj]
>
> plone.app.controlpanel: 2.2.9 → 2.2.10
> --------------------------------------
>
> - Fix description of 'email as login' security setting. It said
> existing users could go to the personalize information page and save
> it to start using their email as login, but that no longer works and
> is too hard to fix. We now only recommend using the
> migrate-to-emaillogin page as manager.
> Fixes http://dev.plone.org/ticket/11283
> [maurits]
> - Fix as site administrator modify users in controlpanel
> when a user in the list is in administrator group, refs #12307
> [maartenkling]
> - When browsing users and groups, clear searchstring when when adding
> or removing. Also do not show search results then.
> [maurits]
> - When browsing users and groups, clear searchstring when selecting
> show all.
> [maartenkling]
> - Fix 'Redirect immediately to link target' setting doesn't stick #12892
> [maartenkling]
> - Change title and description for permitted styles so its correct
> [maartenkling]
> - Fix @@usergroup-groupmembership "Show All users" batching broken
> [maartenkling]
> - Add error class to portalMessage when portalMessage contains error
> [maartenkling]
>
> plone.app.layout: 2.2.7 → 2.2.8
> -------------------------------
>
> - Changed the behaviour of the title viewlet for items in the portal_factory.
> See https://dev.plone.org/ticket/12117
> [alert]
> - Fix an edge case where getNavigationRootObject could loop infinitely.
> [davisagli]
>
> plone.app.locales: 4.2.2 → 4.2.3
> --------------------------------
>
> - Updated Finnish translations.
>
> plone.app.portlets: 2.3.6 → 2.3.7
> ---------------------------------
>
> - @@manage-portlets: Tooltip for X icon is "Remove", should be "Delete"
> [maartenkling]
>
> plone.app.search: 1.0.6 → 1.0.7
> -------------------------------
>
> - fix search results when having done a seach and switching out some
> items and doing the same search again, refs #12880
> [maartenkling, robgietema]
> - only fill query when there is at least one type selected
> [maartenkling]
> - Fixed Google Chrome and Safari search compatibility problem
> https://dev.plone.org/ticket/13249
> [Manabu TERADA]
>
> plone.app.testing: 4.2 → 4.2.1
> ------------------------------
>
> - Allow testing with non standard port. Allows running multiple test suites
> in parallel.
> [do3cc]
> - Documentation updates.
> [moo]
>
> plone.app.theming: 1.0.3 → 1.0.4
> --------------------------------
>
> - Demote ZMI patch log message to debug level.
> [hannosch]
> - Add i18n tags to translate headings, fixes #12967
> [maartenkling]
> - Change title in control panel to Theme Settings, fixes #12075
> [maartenkling]
>
> plone.app.upgrade: 1.2.2 → 1.2.3
> --------------------------------
>
> - Add upgrade profile for Plone 4.2.3
> [esteele]
> - In the UID index migration, if there are items whose key is None,
> skip them instead of complaining about there being multiple items.
> [davisagli]
>
> plone.app.viewletmanager: 2.0.2 → 2.0.3
> ---------------------------------------
>
> - Hiding viewlets for skinname="*" was not working properly.
> Closes http://dev.plone.org/plone/ticket/10903
> [garbas, WouterVH]
> - Add plone.app.vocabularies as dependency to get the list of existing skins.
> [WouterVH]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
>
> plone.app.workflow: 2.0.8 → 2.0.9
> ---------------------------------
>
> - Use HTML5 placeholder attribute on Sharing tab search box. Replaces
> deprecated inputLabel class.
> [danjacka]
>
> plone.app.z3cform: 0.6.1 → 0.6.2
> --------------------------------
>
> - Rename the 'fieldset.current' hidden input to 'fieldset' for consistency
> with Archetypes.
> [davisagli]
> - Fix a case where the widget broke if its form's content was a dict.
> [davisagli]
>
> plone.cachepurging: 1.0.3 → 1.0.4
> ---------------------------------
>
> - Fixed purge paths for virtual hosting scenarios using virtual path components.
> [dokai]
>
> plone.indexer: 1.0 → 1.0.1
> --------------------------
>
> - Relicense under modified BSD license; per Plone Foundation board
> approval on 2012-05-31.
> See: http://plone.org/foundation/materials/foundation-resolutions/plone-framework-components-relicensing-policy
> [supton]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
>
> plone.keyring: 2.0 → 2.0.1
> --------------------------
>
> - Use system random when available. This is part of the fix for
> https://plone.org/products/plone/security/advisories/20121106/24
> [davisagli]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
>
> plone.openid: 2.0 → 2.0.1
> -------------------------
>
> - Fixed to store timestamp as part of nonce. This fixes
> http://dev.plone.org/plone/ticket/11987
> [datakurre]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
>
> plone.outputfilters: 1.6 → 1.8
> ------------------------------
>
> - Fix packaging issue.
> [esteele]
> - When resolving images, only look upward for the full image if the
> image that was traversed is not a content item (i.e. is a scale).
> [davisagli, datakurre]
> - Also convert "resolveUid/" links (big 'U') that FCKeditor used to create.
> [hacklschorsch]
> - Also escape double quotes, fixes #13219
> [maartenkling]
>
> plone.protect: 2.0 → 2.0.2
> --------------------------
>
> - Use constant time comparison to verify the authenticator. This is part of the
> fix for https://plone.org/products/plone/security/advisories/20121106/23
> [davisagli]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
> - Add ability to customize the token created.
> [vangheem]
>
> plone.session: 3.5 → 3.5.2
> --------------------------
>
> - Use constant time comparison when validating tickets. This is part of the fix
> for https://plone.org/products/plone/security/advisories/20121106/23
> [davisagli]
> - Handle encoded strings for userids.
> [elro]
> - Add MANIFEST.in (http://MANIFEST.in).
> [WouterVH]
> - Fix for Python 2.4 under 64bit Mac OS generating incorrect mod_auth_tkt
> digests
> [MatthewWilkes]
>
> plone.subrequest: 1.6.6 → 1.6.7
> -------------------------------
>
> - Ensure correct handling of bare virtual hosting urls.
> [elro]
>
> plone.supermodel: 1.1.3 → 1.1.4
> -------------------------------
>
> - Allow XML comments in field definitions.
> [gweis]
>
> plone.testing: 4.0.6 → 4.0.7
> ----------------------------
>
> - Fix quoting of urls by the testbrowser.
> [do3cc]
>
> plonetheme.classic: 1.2.4 → 1.2.5
> ---------------------------------
>
> - Reinstate positioning for magnifying glass image on search results
> Search button.
> [danjacka]
> - Fix sitemap display by making styles more specific than #content ul.
> [danjacka]
>
> wicked: 1.1.9 → 1.1.10
> ----------------------
>
> - Fix minor white space test failures in combination with chameleon.
> [maurits]
>
> zope.schema: 4.2 → 4.2.1
> ------------------------
>
> plone.formwidget.autocomplete: 1.2.3 → 1.2.4
> --------------------------------------------
>
> z3c.relationfield: 0.6.1 → 0.6.2
> --------------------------------
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-qa-team/attachments/20121227/aa840744/attachment-0001.html>
More information about the QA-Team
mailing list