[Bug 229795] [NEW] Sync Drupal 6.2 to Ubuntu
Launchpad Bug Tracker
229795 at bugs.launchpad.net
Fri Jan 16 22:42:13 GMT 2009
You have been subscribed to a public bug by Morten Kjeldgaard (mok0):
Binary package hint: drupal5
Please package the new release of Drupal 6.2 Here are the the
differences between 5.7 and 6.2
http://drupal.org/node/3060/release
drupal 6.2
SA-2008-026 - Drupal core - Drupal core - Access bypass
* #228120 by jvandyk: typo in documentation in comment.tpl.php
* #226480 by gpk: fix wording on when node access rebuild button is displayed in node_configure()
* #229817 by mcarrera: l() attributes were not properly specified in theme.inc's theme_username()
* #234403 by alienbrain: PHP.net documents we should use CRLF in mail headers, so do that
* #226555 by jvandyk, Rok Zlender: fix notice level error in xmlrpc.inc
* #204415 by chx: actually use 'administer content types' permission for node type editing instead of 'administer nodes'
* #234699 by hass: theme_link() did not mark frontpage links active properly
* #237717 by hass: missing t() in system_clear_cache_submit()
* #232037 by pwolanin: (performance) block regions should only be populated when called for, not in all cases (fixes performance expectation on 403/404 pages)
* #226728 by chx: (performance) temporary cache table entries were not flushed, causing cache_menu and cache_form to grow big
* #231587 by pwolanin, killes: (performance) use two level cache in menus, instead of storing very large amounts of data multiple times
* #239196 by jvandyk and myself: missing status check on nodes in search indexing counter
* rolling back #234403 by Bevan and damz: we should keep using LF in mail headers, without CR, CRLF causes problems
* #238564 by scor: two missing t() calls in update.module
* #241629 by solotandem: dblog module left one more row in, when cleaning up in cron
* #244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed
drupal 6.1
SA-2008-018 - Drupal core - Cross site scripting
* #189568 by dvessel: module .css files were not overriden from theme .info files
* #212608 by stefgosselin, webchick, slightly modified: get rid of notice when sorting blocks (minor)
* #218513 by moshe weitzman, Pancho: code documentation formatting fixes for menu.inc (minor)
* #220827 by Arancaytar, ax: fix code comments in _menu_navigation_links_rebuild() (minor)
* #227548 by Heine, AjK: misuse of db_escape_string(), when db_escape_table() should have been used
drupal 6.0-rc4
* #215992 by dww: provide information for upgrades from Drupal 5 with update status module
* #216632 by webernet, dww: more accessible update information screen
* #200028 by dww: trivial syntax fix in cache clearing
* #216890 by gpk with documentation from myself: blog API clients do not pass on the teaser_include flag, so only act on that flag, if we have it
* #157652 by beginner, Steven Merrill and killes: block_user() had a global user object and a user parameter colliding
* #216404 by Rob Loach: path_nodeapi() only worked for users with permissions, although node loading requires the path to be loaded
* #216858 by jvandyk, moshe weitzman: fix plain wrong and misleading user module phpdoc blocks
* #216061 by Eaton: nid was not set in node creation (programatic node creation regression)
* #217324 by Takafumi: trivial missing t() in taxonomy module
* #216750 by dww: Security releases from higher branches were not ignored in all cases (critical)
* #172597 by Rob Loach: minor double escaping in profile module
* #197833 by gdevlugt: node filtering theme function was not applied (minor)
* #204071 by Pancho: use UTF-8 aware string length counting in node_teaser() (minor)
* #117748 by quicksketch: short fix to trim() required fields for validation, with documentation
* #217180 by Gerhard Killesreiter: remove outdated information on Debian package maintainer
* #215858 by pwolanin: localized menu options were saved into the database, avoid this by using different variable names / array keys
* #216238 by theborg: theme descriptions were not translated properly (minor)
* #117748 rollback: this was not well tested
* #217926 by dropcube: Garland and Minnelli was updated for Drupal 6, but their code comments were not (minor)
* #215958 by pwolanin: fix form API link in PHP filter module help (minor)
* #217771 by dww: avoid confusing wrapping of release dates in update status module (minor)
* #215858 follow up by pwolanin: fix a fatal error in book module breadcrumb creation (critical)
* #218319 by moshe weitzman: translated menu link altering was not possible (critical regression)
* #214513 by Lynn: break was missing in system_send_email_action(), causing the action code to fall over to a different context (critical)
* #210131 by John Resig, dvessel with several testers: jQuery 1.2.3
* #218436 by scor: update jQuery copyright year number as well in COPYRIGHT.txt (minor)
* #218471 by pwolanin: exclude unpublished nodes from menus and books (critical)
* #215858 follow up by pwolanin: external links were not properly localizing options (critical)
* #218054 by pukku, Arancaytar: precision and scale arguments were not in proper order in SQL generation (critical)
* #218539 by keith.smith: more prominent mention of the security awareness / documentation of Drupal
* #218313 by jvandyk: uppercase forum topic sort ordering (minor)
* #218116 by greggles: better documentation for session_save_session() for security education
* #218403 by dmaz: avoid duplication in search index, when the database collation makes the words collide (critical)
* #218915 by jakeg, keith.smith: arry syntax error in watchdog() use in file_save_upload()
* #215308 by Pancho: 'Testing clean URLs...' was not removed in all cases when being checked
* #216515 by chx and myself: cached forms made all subsequent forms on the page cached (critical); and a comment op check was buggy
* #214209 patch by pwolanin and myself: do not allow users to post type of posts they are not configured to be able to post with Blog API (critical)
* #217508 by boydjd, Pancho, keith.smith: incorrect and misleading of use i.e., where e.g. should have been used
* #216813 by David_Rothstein, chx, pwolanin: primary and secondary links were broken on upgrade
* #219366 by pwolanin: let external links appear in the system admin blocks
* #219334 report by catch, patch by myself: upload table created in upgrade and upload table created by upload module enabled later collides
* #117748 by webchick, Pancho, Rob Loach, pwolanin: required field values were not properly trim()ed on validation
* #216904 by theborg, pwolanin: items were not properly ordered in tabledrag.js when more then the number of possible values
* #211979 by theborg, chx, pwolanin: menu items moved out of the navigation menu were not found as parents
* #184926 by Rob Loach: offline message was displayed to admin right after switching offline mode off
* #139290 by dgtlmoon, msameer, ChrisKennedy, Freso, Rob Loach, matt at antinomia, Arancaytar: blog page was blank when user / site had no blog posts to display
* #216511 by vladimir.dolgopolov: XHTML validation failed due to a misused & (minor)
* #209240 by gopherspidey, soxofaan: fix settings file checking for multisite setups, and a bad file name used in an error message
* #219380 by chx: bring back support for queries without WHERE clause to db_rewrite_sql() (regression)
drupal 6.0-rc3
SA-2008-016 - OpenID - Incorrect claimed_id returned for OpenID 2.0
* #208427 report by Pancho, patch by dvessel: strpos() parameters were flipped in color module, resulting in bad colors
* #208197 by dvessel: back to cloning the table header only in tableheader.js (fixes radio button issues and Safari 2 crashing)
* - Patch #210140 by dww: fixed code comment: 'default_major' is now deprecated in favor of 'supported_majors'.
* - Patch #209236 by traxer: added a validation function for the poll form.
* - Patch #206495 by jvandyk: improved consistency of trigger descriptions.
* - Patch #208926 by keith.smith: fixed broken link. The external link to the RSS specification changed.
* - Patch #115606 by Junyor, thesaint_02: added support for PHP 5.2's 'recoverable fatal errors'.
* - Patch #209034 by theborg: fixed small code style error that generates warnings.
* - Patch #210141 by dww (with some modifications by me): implement hook_flush_caches().
* #201540 follow up by zoo33: move jpeg quality validation to where it belongs, so it is only called if the current image toolkit requires it
* #209584 by Rob Loach: 404/403 validation is also done in runtime so to allow more flexibility here, remove the submission time validation
* #209045 by keith.smith: small typo in INSTALL.txt
* #208991 by JirkaRybka: target sticky table headers to Drupal output tables only, so it won't sticky random tables in other site content
* #190729 by aufumy, Pasqualle, slightly modified: report incompatibility early, if the dependencies key is not an array in the .info file
* #209077 by bec: missing initialization for the placeholders array in drupal_write_record()
* #200674 by scor, catch: update.php should inform users if their memory limit will possibly result in a WSOD
* #196630 follow up by JirkaRybka: fix theme location information in maintenance theming, so IE6 fix CSS is loaded properly
* #189785 by dropcube: anonymous users did not have permission to view the personal contact form, so catch them early
* #210141 follow up by dww: cleaning up some code comments
* #201641 by Ralf Stamm, Pancho: sort themes by their .info name, not their file name (just like modules)
* #208938 by bjaspan, scor: use schema PI for index updates instead of database dependent code
* #210211 by chx, theborg: removing the broken admin user search, which would provide the same as the public facing user search anyway
* #210260 by dropcube: kill notice when anonymous users uses site-wide contact form
* #208991 follow up by dvessel: forgot to mark the blocks table with sticky-enabled
* #209242 by dww: local .info file changes (ie. updated code) was not taken properly into account in update module
* #201641 by Ralf Stamm, Pancho: sort admin themes by info name as well
* #209720 by theborg: avoid processing resizable teasers before teaser.js is run and the proper wrappers are in place
* #211060 by boydjd: do not display the taxonomy-term-description div when there is no description
* #208602 by KarenS: add support for aborting all updates of one module, when a critical error happens
* #211322 by keith.smith: drag and drop documentation for input formats was missing, damn
* #211322 follow up by catch: forums also support drag and drop, mention in changelog
* #211443 by dropcube: kill a feed warning on taxonomy pages
* #200210 by gaele: more accessible color contrast in Garland error messages
* #210936 by Pancho: some padding around taxonomy descriptions on taxonomy pages, so that they get more breathing space
* #211067 by webchick: blogapi_mt_get_post_categories() not using taxonomy_node_get_terms() properly
* #211359 by chx: make dead menu items disappear on a Drupal 6 upgrade
* #211353 follow up by JirkaRybka: ensure that on upgrades, if the file_directory_path was not set, set it to the Drupal 5 default
* #210479 by catch, dvessel: add newlines to list items, so inline display and RTL issues are resolved
* #208498 by pwolanin: remove pager from menu admin page (for big menus, you will need to use a contrib module)
* #208602 follow up by myself and webernet: invert conditional to properly update schema versions, when needed
* #212285 by wrwrwr: hr should be treated as a block level tag
* #211404 by dvessel: improve tableheader.js performance in all browsers, solves freeze in IE7
* #195283 by pwolanin: code documentation for the 'forms' function group
* #211876 by hass: typo in profile module docs
* #212050 by keith.smith: JS compression was removed, but not from the changelog
* #209409 by Heine, webernet, dww: more accurate register globals value checking
* #210335 by keith.smith: highly confusing example in trigger module help, use a better one instead
* #206778 follow up by dvessel: better filtering for subtheme files
* #211403 by dww: Removed fallback code for determining the project based on the directory.
* #211053 by momendo: poll submission and editing field columns fixed
* #119038 by ximo, Pancho: user role editing usability: include disabled checkbox for authenticated role
* #212813 by dww: link project status information to the admin/reports/updates page (usability)
* #212409 by theborg: avoid calling check_plain() twice on menu links
* Outdated use of watchdog() noticed while creating translation templates
* #213172 by skiquel: let color module run properly without a base image
* #213064 by dvessel: fix sticky table headers bug when resizing
* #194494 by Jax, slightly expanded: unify empty password handling is MySQL and MySQLi installer and runtime drivers
* #208768 by dvessel, Arancaytar: language direction should be in the HTML source, so it is more accessible even without CSS
* Three remaining instances of t() use in system module update code removed.
* #204411 by catch: elevate MySQL requirements to 4.1.1 (the first production MySQL 4.1.x was 4.1.5 anyway)
* #107375 follow up by zeta-zoo: fixed incorrect description for MySQL's 'Select_range_check'
* #213319 by add1sun: minor code documentation fix at template_preprocess_block()
* #211742 by theborg, chx: detect and solve the problem when blocks are assigned to invalid regions (happens in theme development)
* #212921 by fgm: remove unused reference on update_process_info_list() parameter list, which causes strict warnings in PHP 5
* #205067 by asimmonds: kill notice in install.php when the profile is not yet set
* #204411 by chx, slightly modified: heal a possible MySQL import error when the anonymous user becomes broken
* #194327 by dvessel, David_Rothstein, catch, theborg: IE form submission button correction was buggy
* #212126 report by salvis, patch by myself: allow clearing of drupal_html_to_text() URL list, so it can be used multiple times on the page
* #214213 by keith.smith: fix broken link in INSTALL.txt
* #205523 by assimonds: (minor) add missing CVS Id tags
* #213150 by Lynn: fix HTML validation problem with node term listings
* #214058 by catch, Arancaytar: forum form alter was mistakenly dropping the parent field in all taxonomy forms
* #187075 by dvessel: do not compute a breadcrumb for the home page (regression)
* #200028 by agentrickard, dww: cache more project module data, so there is less burden on Drupal when generating admin pages (performance)
* #214579 by keith.smith: vocabulary drag and drop was not properly documented (string change)
* #204415 by Lynn, traxer, pwolanin: migrate node type URLs to a path model based on menu paths, so conflicts between action and node type names are not a problem
* #212864 suggestion by pp, patch by gdevlugt: use format_date() for RSS item dates instead of date() to honor site time zone settings
* #172571 by fgm, slightly modified: document that theme_xml_icon() was superceded in most cases by theme_feed_icon()
* #207330 by c960657: allow custom URL rewriter to work on base_url and fix urlencoding of front page URL with a path prefix
* #208888 by jvandyk: set access time when externally authenticated user first logs in
* #206955 follow up by merlinofchaos: avoid misusing default values for image buttons
* #206881 by ScoutBaker: (minor) fix whitespace at TRANSLATION_ENABLED, so the phpdoc shows up properly
* #214922 by Eaton: fix code typo which prevented from image buttons in a tree form from working
* #213657 by dopry and moshe weitzman: typo in rss feed build mode and better link handling
* #207029 by JohnAlbin: some menu item properties were not passed along for theming (regression)
* #213517 by ax: inline documentation cleanup, fixing four unclosed @defgroups
* #193331 by ufku: the replace parameter was not used in file_save_upload() as documented, fix this
* Translating menu items and taxonomies is not a core feature, so do not mislead users. Noticed while translating to Hungarian.
* #213664 by chx, theborg: menu item not expanded on front page
* #210219 by htalvitie, yched: initialize block caching properties properly on install (and update bugos RC2 sites as well)
* #210219 follow by myself: update_sql() does not support placeholders, so we should compose our own SQL ourselfs
* #215303 by Pancho, slightly modified: clean URL test support text was not green if not using JS
* #214292 by theborg: collapse.js alters the default submit buttons in forms in Internet Explorer
* #215361 by bec: phpdoc for menu_load_objects(), _menu_item_localize() and _menu_link_translate()
* #202382 by Pasqualle and Pancho: phpdoc improvements and code style fixes in node module
* #215252 by bdragon: reset the cache flush variable before the cache is flushed, so busy sites will not attempt multiple cache flushes at a time
* #208556 by Pancho: fix broken display of OpenID links
* #215335 by jvandyk: fix user_login_submit() phpdoc
* #79018 by pwolanin, catch, Morbus Iff: document how can one hide CHANGELOG.txt, etc. to improve security a slight bit
* #207863 by mikey_p, Pancho: use module_load_include() as intended
* #214329 by starbow: avoid attaching scroll behavior multiple times
* #215454 by keith.smith: cleaning up some language in INSTALL.txt
* #215848 by simonc: SMALLTEXT is not a valid MySQL type, TINYTEXT is there instead
* #208858 by theborg, gdevlugt: fix forum node and comment counting, taking term revisioning into account
* #216014 report by meba, patch by myself: menu_install() did not use get_t() for its menu item creation
* #105405 by chx, Pancho: (regression) remove web server version checking; it is not in Drupal 5; Apache 1.3 is surpassed for a long time now
* #215127 by chx, webernet, catch; testing by theborg: menu item parenting was broken when moving menu items
* #216042 by Eaton: provide the complete form to element validators as well (critical regression for CCK)
* #216022 reported by johnnysxip, patch by walkah: (SA-2008-016) OpenID - Incorrect claimed_id returned for OpenID 2.0 and other minor OpenID 2.0 compliance fixes
* #200028 follow up by dww: clear update module cache on update.php run as well
** Affects: drupal6 (Ubuntu)
Importance: Wishlist
Status: Triaged
** Affects: drupal5 (Debian)
Importance: Unknown
Status: Fix Released
** Affects: drupal6 (Debian)
Importance: Unknown
Status: Unknown
** Tags: needs-packaging sync upgrade
--
Sync Drupal 6.2 to Ubuntu
https://bugs.edge.launchpad.net/bugs/229795
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list