SECURITY: Trac 0.11.2 Released

Skip to first unread message

Jonas Borgström

Nov 8, 2008, 4:40:18 PM11/8/08
Trac 0.11.2

We're happy to announce the Trac 0.11.2 release.

You will find this release at the usual place:

0.11.2 is a new stable maintenance release. It contains several security
fixes and everyone is recommended to upgrade their installations.

Bug fixes:

* Fixes potential DOS vulnerability with certain wiki markup.
Reported by Matt Murphy.
* Improved HTML sanitizer filter to detect possible phishing attempts.
Reported by Simon Willison.
* MySQL db backend improvement (reconnect after idle timeout #4465)
* TicketQuery speed improvements (#6436)
* Fixes for RSS feeds (timeline entries no longer truncated #7316,
no longer download some feeds under Firefox #3899)
* Search now works for custom fields (#2530)
* Same order for ticket fields for new and existing tickets (#7018)
* Enforce fine-grained permission for "quickjump" search results
* E-mail obfuscation was not done in a few remaining places (#7688,
* Uninstall of plugins from WebAdmin was not working - feature disabled
for now
* More robust pagination of results for reports and custom queries
(#7424, #7544)
* Support for newer version of pygments (#7622)
* Documentation updated (#7603, #7205, #7318)

Minor improvements:

* Better support for Wiki page hierarchy (show path #2780, link to
parent #2150)
* Custom query allow to search in description and other text fields

You can find a more detailed release note at:


Many thanks to the growing number of people who have, and continue to,
support the project. Also our thanks to all people providing feedback
and bug reports that helps us make Trac better, easier to use and more
Without your invaluable help, Trac would not evolve. Thank you all.

Finally, we offer hope that Trac will prove itself useful to like-
minded programmers around the world, and that this release will prove an
improvement over the last version.

Please let us know. :-)
/The Trac Team

Reply all
Reply to author
0 new messages