| 1 | | alternc (0.9.7+dev) stable; urgency=low UNRELEASED |
|---|
| 2 | | |
|---|
| 3 | | * upgrade to Debian standard 3.7.3 (from 3.7.2.1) |
|---|
| 4 | | * move mysql configuration into a valid MySQL configuration file |
|---|
| 5 | | (/etc/alternc/my.cnf). This fixes a serious security issue (#318) |
|---|
| 6 | | where the MySQL root password was passed on the commandline. Those |
|---|
| 7 | | changes are pretty invasive and might break upgrades, cron jobs and |
|---|
| 8 | | your cat... |
|---|
| 9 | | * standardisation of the web interface, along with some esthetic changes, by |
|---|
| 10 | | Marc Angles, sponsored by Koumbit |
|---|
| 11 | | * styles can now be changed locally in admin/styles/base.css |
|---|
| 12 | | * crude implementation of a permission change interface in the file browser |
|---|
| | 1 | alternc (0.9.8) stable; urgency=high |
|---|
| | 2 | |
|---|
| | 3 | This release is packed with minor enhancements and bugfixes. It also packages |
|---|
| | 4 | security fixes. Not all targets of the milestone were accomplished but this |
|---|
| | 5 | was released nevertheless because of the security issue. |
|---|
| | 6 | |
|---|
| | 7 | * security: |
|---|
| | 8 | * move mysql configuration into a valid MySQL configuration file |
|---|
| | 9 | (/etc/alternc/my.cnf). This fixes a serious security issue (#318) |
|---|
| | 10 | where the MySQL root password was passed on the commandline and could |
|---|
| | 11 | therefore be visible to local users (and hosted members that don't have |
|---|
| | 12 | safe_mode controls or can access the process table in some way). |
|---|
| | 13 | * disable the autocomplete on frontal user/login |
|---|
| | 14 | * various bugfixes |
|---|
| | 15 | * upgrade to Debian standard 3.7.3 (from 3.7.2.1) |
|---|
| | 16 | * added missing dependency on mysql-client |
|---|
| | 17 | * fix display of errors on directory creation |
|---|
| | 18 | * from Trac: #1012, #1082, #1077, #1109 |
|---|
| | 19 | * fix 0.9.7 regressions: #1079, #1080, #1099, #1076 |
|---|
| | 20 | * new features: |
|---|
| | 21 | * starting with this release, the old warning signal defaults to "YES" which |
|---|
| | 22 | means that AlternC can be automatically installed without preseeding. |
|---|
| | 23 | * crude implementation of a permission change interface in the file browser |
|---|
| | 24 | (partial implementation of #267) |
|---|
| | 25 | * standardisation of the web interface, along with some esthetic changes, by |
|---|
| | 26 | Marc Angles, sponsored by Koumbit (partial implementation of #37) |
|---|
| | 27 | * styles can now be changed locally in admin/styles/custom.css |
|---|
| | 28 | * allow arbitrary error strings in error handlers |
|---|
| | 29 | * copy and archive extraction in the file browser (#1043) |
|---|
| | 30 | * display at which time the DNS changes will take effect (#231) |
|---|
| | 31 | * use timestamp for sql backups rather than rotating the files (#1063) |
|---|
| | 32 | * other simple additions: #1043, #1097 |
|---|
