[QA-Team] Plone 4.2.3 soft-released

Eric Steele ericsteele47 at gmail.com
Fri Dec 28 03:10:59 UTC 2012


http://dist.plone.org/release/4.2.3/versions.cfg has been moved to final and pushed to the installers team.

Eric





On Tuesday, December 18, 2012 at 2:57 PM, Eric Steele wrote:

> Plone 4.2.3 is soft-released at http://dist.plone.org/release/4.2.3-pending/versions.cfg. I'll push it out to the installers late Wednesday if no issues are found before then.
>  
> Eric
>  
>  
>  
> plone.recipe.zope2instance: 4.2.5 → 4.2.6
> -----------------------------------------
>  
> - Use interpreter script instead of setting PYTHONPATH.  Fixes Windows
>   "the environment variable is longer than 32767 bytes" error.
>   [rossp]
> - Make the zope.conf http-server optional by setting http-address to
>   an empty string.  Useful for configurations used under an external
>   server such as a WSGI deployment.
>   [rossp]
>  
> Plone: 4.2.2 → 4.2.3
> --------------------
>  
> - Release Plone 4.2.3
>   [esteele]
>  
> Products.ATContentTypes: 2.1.9 → 2.1.10
> ---------------------------------------
>  
> - change string ownership to creators as it makes more sense
>   refs https://dev.plone.org/ticket/8725
>   [maartenkling]
> - Make sure ATTopic.queryCatalog cannot be published. This fixes
>   https://plone.org/products/plone/security/advisories/20121106/14
>   [davisagli]
>  
> Products.Archetypes: 1.8.4 → 1.8.6
> ----------------------------------
>  
> - Add missing security declarations on the UIDResolver class.
>   https://plone.org/products/plone/security/advisories/20121106/08
>   [davisagli]
> - Sanitize input to go_back script. This fixes
>   https://plone.org/products/plone/security/advisories/20121106/11
>   [davisagli]
> - Disallow downloading files via the at_download script if the user does not
>   have the field's read_permission.  This addresses a security vulnerability
>   discussed at http://plone.org/products/plone/security/advisories/20121106/17
>   [davisagli]
> - Add minute_step to CalendarWidget so we can define another minute step than
>   hardcoded 5 for now
>   [gbastien]
> - If form tabbing is allowed, make sure we can still track the current fieldset
>   if form submission returns to the edit form.
>   [davisagli]
> - Fix inline validation for items in the portal_factory.
>   [davisagli]
> - Change used event to update metadata during copy&paste fixes #13326 and makes
>   1.8.5 compatible with LinguaPlone again.
>   [do3cc]
>  
> Products.CMFPlacefulWorkflow: 1.5.8 → 1.5.9
> -------------------------------------------
>  
> - Fixed handling of "update security" option.
>   [ericof]
>  
> Products.CMFPlone: 4.2.2 → 4.2.3
> --------------------------------
>  
> Products.PasswordResetTool: 2.0.9 → 2.0.10
> ------------------------------------------
>  
> - Use system random when available. This is part of the fix for
>   https://plone.org/products/plone/security/advisories/20121106/24
>   [davisagli]
> - registered_notify_template.pt: show login name instead of user id.
>   Normally this is the same, but this is not necessarily true when
>   using the email address as login name.
>   [maurits]
>  
> Products.PloneLanguageTool: 3.2.5 → 3.2.6
> -----------------------------------------
>  
> - Do not try to get content language for resources that are not
>   content. Fixes http://dev.plone.org/plone/ticket/11263
>   [keul]
>  
> Products.PlonePAS: 4.0.13 → 4.0.14
> ----------------------------------
>  
> - Fix saving, getting and deleting the user portrait for non-standard
>   user ids like 'bob-jones' or 'bob-jones+test at example.org (mailto:bob-jones+test at example.org)'.
>   [maurits]
> - Fix the test for the current password if the user id differs from
>   the login name.
>   [maurits]
> - PEP8 Cleanup
>   [pbdiode]
>  
> Products.PortalTransforms: 2.1.1 → 2.1.2
> ----------------------------------------
>  
> - Adjust safe_html transform to block various XSS vulnerabilities. This fixes
>   https://plone.org/products/plone/security/advisories/20121106/18
>   [davisagli]
>  
> Products.ResourceRegistries: 2.2.3 → 2.2.4
> ------------------------------------------
>  
> - Add some space between up/down and remove links in ZMI
>   [maartenking]
>  
> Products.TinyMCE: 1.2.13 → 1.2.14
> ---------------------------------
>  
> - Escape double quote to so images preview keeps working when having quote
>   in tilte
>   [maartenkling]
> - Declare dependency on zope.app.component.
>   [maurits]
>  
> Products.kupu: 1.5 → 1.5.1
> --------------------------
>  
> archetypes.referencebrowserwidget: 2.4.13 → 2.4.15
> --------------------------------------------------
>  
> - Make new added references sortable with already existing ones
>   while editing a content.  Fixes http://dev.plone.org/plone/ticket/13271
>   [gbastien]
> - Use HTML5 placeholder attribute on search box. Replaces deprecated
>   inputLabel class.
>   [danjacka]
> - Use normalizeString to create class names for an item's portal type
>   and review state. Fixes http://dev.plone.org/plone/ticket/11400.
>   [danjacka]
> - don't let search fail on broken catalog
>   [tomgross]
>  
> diazo: 1.0.2 → 1.0.3
> --------------------
>  
> kss.core: 1.6.4 → 1.6.5
> -----------------------
>  
> - Make sure the DevelView can't be traversed improperly. This fixes
>   https://plone.org/products/plone/security/advisories/20121106/06
>   [davisagli]
> - Use type instead of makeClass for Zope 4 compatibility.
>   [elro]
>  
> plone.app.blob: 1.5.4 → 1.5.5
> -----------------------------
>  
> - Added adapter for data wrapped in xmlrpclib.Binary
>   https://github.com/plone/plone.app.blob/pull/1
>   [aclark, garbas]
> - Fix BLOB migration when LinguaPlone is installed.
>   [rpatterson]
>  
> plone.app.collection: 1.0.6 → 1.0.7
> -----------------------------------
>  
> - Check if item isPrincipiaFolderish instead of the hardcoded portal_type
>   Folder when searching for images
>   [ichimdav]
> - Fix thumbnail_view so it works with any portal_atct image types not just
>   with Image and News Items
>   [ichimdav]
> - properly show dates on tabular view, fixes #12907
>   [maartenkling]
>  
> plone.app.contentmenu: 2.0.6 → 2.0.7
> ------------------------------------
>  
> - add prefix to id tag for display menu dropdown items, fixes #11927 and #10894
>   [maartenkling]
>  
> plone.app.contentlisting: 1.0.2 → 1.0.3
> ---------------------------------------
>  
> - Whoever heard I liked batching was wrong. The Catalog results are
>   already batched, so don't batch them again.
>   [lentinj]
>  
> plone.app.controlpanel: 2.2.9 → 2.2.10
> --------------------------------------
>  
> - Fix description of 'email as login' security setting.  It said
>   existing users could go to the personalize information page and save
>   it to start using their email as login, but that no longer works and
>   is too hard to fix.  We now only recommend using the
>   migrate-to-emaillogin page as manager.
>   Fixes http://dev.plone.org/ticket/11283
>   [maurits]
> - Fix as site administrator modify users in controlpanel
>   when a user in the list is in administrator group, refs #12307
>   [maartenkling]
> - When browsing users and groups, clear searchstring when when adding
>   or removing.  Also do not show search results then.
>   [maurits]
> - When browsing users and groups, clear searchstring when selecting
>   show all.
>   [maartenkling]
> - Fix 'Redirect immediately to link target' setting doesn't stick #12892
>   [maartenkling]
> - Change title and description for permitted styles so its correct
>   [maartenkling]
> - Fix @@usergroup-groupmembership "Show All users" batching broken
>   [maartenkling]
> - Add error class to portalMessage when portalMessage contains error
>   [maartenkling]
>  
> plone.app.layout: 2.2.7 → 2.2.8
> -------------------------------
>  
> - Changed the behaviour of the title viewlet for items in the portal_factory.
>   See https://dev.plone.org/ticket/12117
>   [alert]
> - Fix an edge case where getNavigationRootObject could loop infinitely.
>   [davisagli]
>  
> plone.app.locales: 4.2.2 → 4.2.3
> --------------------------------
>  
> - Updated Finnish translations.
>  
> plone.app.portlets: 2.3.6 → 2.3.7
> ---------------------------------
>  
> - @@manage-portlets: Tooltip for X icon is "Remove", should be "Delete"
>   [maartenkling]
>  
> plone.app.search: 1.0.6 → 1.0.7
> -------------------------------
>  
> - fix search results when having done a seach and switching out some
>   items and doing the same search again, refs #12880
>   [maartenkling, robgietema]
> - only fill query when there is at least one type selected
>   [maartenkling]
> - Fixed Google Chrome and Safari search compatibility problem
>   https://dev.plone.org/ticket/13249
>   [Manabu TERADA]
>  
> plone.app.testing: 4.2 → 4.2.1
> ------------------------------
>  
> - Allow testing with non standard port. Allows running multiple test suites
>   in parallel.
>   [do3cc]
> - Documentation updates.
>   [moo]
>  
> plone.app.theming: 1.0.3 → 1.0.4
> --------------------------------
>  
> - Demote ZMI patch log message to debug level.
>   [hannosch]
> - Add i18n tags to translate headings, fixes #12967
>   [maartenkling]
> - Change title in control panel to Theme Settings, fixes #12075
>   [maartenkling]
>  
> plone.app.upgrade: 1.2.2 → 1.2.3
> --------------------------------
>  
> - Add upgrade profile for Plone 4.2.3
>   [esteele]
> - In the UID index migration, if there are items whose key is None,
>   skip them instead of complaining about there being multiple items.
>   [davisagli]
>  
> plone.app.viewletmanager: 2.0.2 → 2.0.3
> ---------------------------------------
>  
> - Hiding viewlets for skinname="*" was not working properly.
>   Closes http://dev.plone.org/plone/ticket/10903
>   [garbas, WouterVH]
> - Add plone.app.vocabularies as dependency to get the list of existing skins.
>   [WouterVH]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
>  
> plone.app.workflow: 2.0.8 → 2.0.9
> ---------------------------------
>  
> - Use HTML5 placeholder attribute on Sharing tab search box. Replaces
>   deprecated inputLabel class.
>   [danjacka]
>  
> plone.app.z3cform: 0.6.1 → 0.6.2
> --------------------------------
>  
> - Rename the 'fieldset.current' hidden input to 'fieldset' for consistency
>   with Archetypes.
>   [davisagli]
> - Fix a case where the widget broke if its form's content was a dict.
>   [davisagli]
>  
> plone.cachepurging: 1.0.3 → 1.0.4
> ---------------------------------
>  
> - Fixed purge paths for virtual hosting scenarios using virtual path components.
>   [dokai]
>  
> plone.indexer: 1.0 → 1.0.1
> --------------------------
>  
> - Relicense under modified BSD license; per Plone Foundation board
>   approval on 2012-05-31.
>   See: http://plone.org/foundation/materials/foundation-resolutions/plone-framework-components-relicensing-policy
>   [supton]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
>  
> plone.keyring: 2.0 → 2.0.1
> --------------------------
>  
> - Use system random when available. This is part of the fix for
>   https://plone.org/products/plone/security/advisories/20121106/24
>   [davisagli]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
>  
> plone.openid: 2.0 → 2.0.1
> -------------------------
>  
> - Fixed to store timestamp as part of nonce. This fixes
>   http://dev.plone.org/plone/ticket/11987
>   [datakurre]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
>  
> plone.outputfilters: 1.6 → 1.8
> ------------------------------
>  
> - Fix packaging issue.
>   [esteele]
> - When resolving images, only look upward for the full image if the
>   image that was traversed is not a content item (i.e. is a scale).
>   [davisagli, datakurre]
> - Also convert "resolveUid/" links (big 'U') that FCKeditor used to create.
>   [hacklschorsch]
> - Also escape double quotes, fixes #13219
>   [maartenkling]
>  
> plone.protect: 2.0 → 2.0.2
> --------------------------
>  
> - Use constant time comparison to verify the authenticator. This is part of the
>   fix for https://plone.org/products/plone/security/advisories/20121106/23
>   [davisagli]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
> - Add ability to customize the token created.
>   [vangheem]
>  
> plone.session: 3.5 → 3.5.2
> --------------------------
>  
> - Use constant time comparison when validating tickets. This is part of the fix
>   for https://plone.org/products/plone/security/advisories/20121106/23
>   [davisagli]
> - Handle encoded strings for userids.
>   [elro]
> - Add MANIFEST.in (http://MANIFEST.in).
>   [WouterVH]
> - Fix for Python 2.4 under 64bit Mac OS generating incorrect mod_auth_tkt
>   digests
>   [MatthewWilkes]
>  
> plone.subrequest: 1.6.6 → 1.6.7
> -------------------------------
>  
> - Ensure correct handling of bare virtual hosting urls.
>   [elro]
>  
> plone.supermodel: 1.1.3 → 1.1.4
> -------------------------------
>  
> - Allow XML comments in field definitions.
>   [gweis]
>  
> plone.testing: 4.0.6 → 4.0.7
> ----------------------------
>  
> - Fix quoting of urls by the testbrowser.
>   [do3cc]
>  
> plonetheme.classic: 1.2.4 → 1.2.5
> ---------------------------------
>  
> - Reinstate positioning for magnifying glass image on search results
>   Search button.
>   [danjacka]
> - Fix sitemap display by making styles more specific than #content ul.
>   [danjacka]
>  
> wicked: 1.1.9 → 1.1.10
> ----------------------
>  
> - Fix minor white space test failures in combination with chameleon.
>   [maurits]
>  
> zope.schema: 4.2 → 4.2.1
> ------------------------
>  
> plone.formwidget.autocomplete: 1.2.3 → 1.2.4
> --------------------------------------------
>  
> z3c.relationfield: 0.6.1 → 0.6.2
> --------------------------------
>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-qa-team/attachments/20121227/aa840744/attachment-0001.html>


More information about the QA-Team mailing list