VCS updates: bzr moving, cvs ending

At the Bugzilla project meeting on 2015-03-25 the project lead and assistant leads agreed on two major changes to Bugzilla’s source-code hosting:
  1. CVS support is officially dropped as of now. 4.0 is the last version that was released on CVS, and it will be EOLed when 5.0 comes out (very soon; rc3 was just released). In the event of a release on the 4.0 branch before it is EOLed, any Bugzilla installations that have not migrated to bzr or git will have to apply patches to upgrade, which will continue to be distributed as usual. Bugzilla site admins are strongly encouraged to migrate to pulling from git.mozilla.org as soon as possible.
  2. Bazaar hosting has been officially switched from bzr.mozilla.org to bzr.bugzilla.org. bzr.bugzilla.org is already active and syncing changes from git.mozilla.org. bzr.mozilla.org is no longer syncing changes and will soon be shut down. Any sites upgrading from bzr.mozilla.org must do one of the following to apply any future upgrades, in order of preference:

bzr.bugzilla.org will continue to mirror changes from git.mozilla.org for the 4.0, 4.2, and 4.4 branches as long as they are supported. Note that, at the moment, master/trunk is being mirrored as well, but no other branches, including and subsequent to 5.0, will be mirrored to bzr.bugzilla.org, and trunk mirroring may cease at any time.

Note that bzr.bugzilla.org is waiting on a proper certificate; please use plain http until this is resolved.

The Bugzilla team apologizes for any inconvenience. Please see our support options if you have trouble migrating.

Mark Côté
Assistant Project Lead, Bugzilla

Release of Bugzilla 5.0rc3, 4.4.9, 4.2.14, and 4.0.18

Today we have several new releases for you!

Bugzilla 5.0rc3 is our third Release Candidate for Bugzilla 5.0. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk.

If feedback from this release candidate indicates that it is mostly stable, then Bugzilla 5.0 will be released in a few weeks. If feedback indicates that more extensive fixes are needed, there may be another release candidate after this one.

Bugzilla 4.4.9 is our latest stable release. It contains various useful bug fixes:

Bugzilla 4.2.14 is a bugfix update for the 4.2 branch:

Bugzilla 4.0.18 is a bugfix update for the 4.0 branch:

Release of Bugzilla 5.0rc2, 4.4.8, 4.2.13, and 4.0.17

Sorry for the new release so soon, but we found a regression in the release last week and felt it would be best to get the fix out now rather than wait.

Bugzilla 5.0rc2 is our second Release Candidate for Bugzilla 5.0. This release has receive QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk.

If feedback from this release candidate indicates that it is mostly stable, then Bugzilla 5.0 will be released in a few weeks. If feedback indicates that more extensive fixes are needed, there may be another release candidate after this one.

Bugzilla 4.4.8 is our latest stable release. It contains an important bug fix:

Bugzilla 4.2.13 is a bug fix update for the 4.2 branch:

Bugzilla 4.0.17 is a bug fix update for the 4.0 branch:

Release of Bugzilla 4.4.7, 4.2.12, 4.0.16, and 5.0rc1

Today we have several new releases for you!

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 5.0rc1 is our first Release Candidate for Bugzilla 5.0. This release has received QA testing, and should be considerably more stable than the development releases before it. It is still not considered fully stable, and so you should understand that if you use it, you use it at your own risk.

If feedback from this release candidate indicates that it is mostly stable, then Bugzilla 5.0 will be released in a few weeks. If feedback indicates that more extensive fixes are needed, there may be another release candidate after this one.

Bugzilla 4.4.7 is our latest stable release. It contains various useful bug fixes and security improvements:

Bugzilla 4.2.12 is a security and bugfix update for the 4.2 branch:

Bugzilla 4.0.16 is a security and bugfix update for the 4.0 branch:

Release of Bugzilla 4.4.6, 4.2.11, 4.0.15, and 4.5.6

Today we have several new releases for you!

All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.4.6 is our latest stable release. It contains various useful bug fixes and security improvements:

Bugzilla 4.2.11 is a security update for the 4.2 branch:

Bugzilla 4.0.15 is a security update for the 4.0 branch:

Bugzilla 4.5.6 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

Landfill.bugzilla.org Disclosure

UPDATE: We have reset all passwords on all Landfill test Bugzilla systems. All users will be required to set a new password the next time they access the test Bugzilla systems.

One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database dump files containing email addresses and encrypted passwords of roughly 97,000 users of the test build were posted on a publicly accessible server.  As soon as we became aware, the database dump files were removed from the server immediately, and we’ve modified the testing process to not require database dumps.

Generally, developers who use our test builds have told us they understand that these builds are insecure and may break, so they do not use passwords they would reuse elsewhere.  However, because it is possible that some users could have reused their passwords on other websites or authentication systems, we’ve sent notices to the users who were affected by this disclosure and recommended that they change any similar passwords they may be using. It’s important to note that, unless users reused the password they used on landfill.bugzilla.org, this does not affect bugzilla.mozilla.org email addresses or passwords.

We are deeply sorry for any inconvenience or concern this incident may cause you.

Thanks,

Mark Côté

Assistant Project Lead, Bugzilla

Release of Bugzilla 4.0.14, 4.2.10, 4.4.5, and 4.5.5

Today we have several new releases for you!

All of today’s releases contain a security fix. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 4.4.5 is our latest stable release and contains a security fix.

Bugzilla 4.2.10 is a security update for the 4.2 branch:

Bugzilla 4.0.14 is a security update for the 4.0 branch:

Bugzilla 4.5.5 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.


Upcoming Events

  • Bugzilla Public Meeting July 22, 2015 at 7:00 am – 8:00 am Mozilla Vidyo, Air Mozilla, IRC Public Bugzilla planning meeting. Anyone interested in contrib uting to Bugzilla, in planning, development, testing, documentation, o r any other aspect, should feel free to attend. See https://wiki.mozill a.org/Bugzilla:Meetings for more.
  • Bugzilla Public Meeting August 26, 2015 at 2:00 pm – 3:00 pm Mozilla Vidyo, Air Mozilla, IRC Public Bugzilla planning meeting. Anyone interested in contrib uting to Bugzilla, in planning, development, testing, documentation, o r any other aspect, should feel free to attend. See https://wiki.mozill a.org/Bugzilla:Meetings for more.

Follow

Get every new post delivered to your Inbox.

Join 679 other followers