Blog

Want to always keep up-to-date with Bugzilla news? Subscribe to announce@bugzilla.org, a read-only mailing list where we'll post announcements about new versions of Bugzilla and security advisories.

Browse Archives »

You can also see what's going on in the project by looking at the notes of, or watching the video of, our monthly developer meetings.

Loading the upcoming event

04. May 2008

Status Update

by ()

Introduction and Updates

We’ve released four releases today: 3.0.4, 3.1.4, 2.22.4 and 2.20.6

A few security vulnerabilities were discovered in the four branches which you can read about in the Security Advisory.

About Bugzilla 3.1.4

3.1.4 is a lot more stable than 3.1.3 was, but it’s still not a final release, so we don’t recommend using it in a production environment. In particular, anybody using Oracle with Bugzilla should be extremely cautious about using this version of Bugzilla.

Here are a few significant enhancements in this release compared to 3.1.3:

  • The bug editing form has been redesigned.
  • Using ‘Test’ in mail_delivery_method now generates valid mbox file so you can easily perform QA tests.
  • Bugmail threading in email clients has been enhanced.
  • SMTP authentication is now supported.
  • A user who has product-specific editbugs privileges for all bugs listed in a bug list can now use the “Change several bugs at once” link to do mass-changes.
  • Custom fields can now be deleted if they have never been used.
  • More and more of Bugzilla now works correctly with multi-byte languages. Also, many UTF-8 problems from 3.1.3 have been fixed.
  • There have been various performance improvements in database access.

We encourage you to test this release and file bugs if you find things that are broken!

Our next development release should be 3.2 RC1, with an estimated release date in the second quarter of 2008. Stay tuned!

Bugzilla 2.20 Series End of Life

We would warn you that Bugzilla 2.20 series will soon reach End Of Life, meaning that no future security or bug fixes will be issued for 2.20 installations. We strongly advise Bugzilla administrators to upgrade their installations to version 3.0.4.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

04. May 2008

Release of Bugzilla 3.0.4, 3.1.4, 2.22.4 and 2.20.6

by Bugzilla Team

Today we have four Bugzilla releases! Read below and in our Status Update for details!

Security Advisory

All of these releases contain security fixes, and so you should definitely upgrade if you are affected by the fixed vulnerabilities. Read the Security Advisory for more details.

3.0.4

Bugzilla 3.0.4 is the latest stable release of Bugzilla. It contains several bug fixes and minor improvements over 3.0.3. Any installation currently running any 3.0.x version is encouraged to upgrade to 3.0.4.

3.1.4

Bugzilla 3.1.4 is our latest development release. It is considerably more stable than 3.1.3, but is still not recommended for production environments. Use this release at your own risk.

2.22.4 and 2.20.6

Bugzilla 2.22.4 and Bugzilla 2.20.6 are security-fix releases for the 2.22 and 2.20 series. If you are using any 2.22 or 2.20 version, we strongly recommend you update to these versions.

01. February 2008

Status Update

by () and Max Kanat-Alexander (mkanat)

Introduction and Updates

When we released 3.0.3, Bugzilla 3.1.3 wasn’t quite ready to release. But today, few weeks after the 3.0.3 all the features we wanted for this development release are ready, and so we’re releasing today!

3.1.3 has lots of new features as you can read about it below, but it’s still unstable, so you definitely should not use it in a production environment.

About Bugzilla 3.1.3

Here are some highlights:

  • Bugzilla now has experimental support for Oracle databases. Please note that you cannot currently upgrade an Oracle database. That is, if you install Bugzilla on Oracle, you will have to drop the entire database to upgrade to any new version. This will probably be fixed before the final release of 3.2.
  • The user interface for editing bugs has been redesigned. It will be even better in the final release of Bugzilla 3.2.
  • Huge performance and memory improvements for mod_perl users (same fix that was in 3.0.3.)
  • Incoming bugmail is now converted to UTF-8.
  • Bugzilla now uses transactions instead of locking the database tables.
  • Various LDAP handling improvements.
  • Plugins can now extend the Webservice interface.
  • There’s now a tool to auto-install missing Perl packages on non-Windows systems. It can install to a local directory, so you don’t even have to be root or modify your system’s Perl installation.
  • Mid-Air Collision protection for attachments.
  • Many useless intermediate pages have been removed, especially in admin pages.
  • You can now add comments to bugs using XML-RPC.
  • New custom field type: Date/Time field, with a JavaScript widget for picking a date.
  • You can now reverse the sort of a buglist by clicking on a header twice.
  • Bugzilla’s support for multi-byte languages has greatly improved. We did this by making Bugzilla treat strings as “characters” instead of as “bytes.”

Also, if you’ve ever looked at the code for process_bug.cgi, we encourage you to look at its code in this new release and see how different it is!

We encourage you to test this release and file bugs if you find things that are broken!

Documentation

The documentation has been improved: many new sections that were missing were added and most of the user interface pages have now links towards the appropriate section.

The New User Experience Team

Bugzilla now has a User Experience Team that focuses on improving Bugzilla’s user interface and the general experience that users have. If you’re interested in helping out, email the team leader, Guy Pyrzak!

The New Localization Team

Bugzilla now has a team of contributors that focuses on making Bugzilla easier to localize. They are currently researching what things need to be done to improve Bugzilla’s localizability. The team’s coordinator is Vitaly Fedrushkov from Russia (SnowyOwl on IRC). If you are interested in helping out, let him know on IRC, or let one of the Bugzilla developers know and they will pass it on to him.

FAQ Moved to the Wiki

For the Bugzilla 3.2 documentation, we’ve decided to move the Bugzilla FAQ onto our wiki. You can see it here: Bugzilla:FAQ. We encourage any experienced Bugzilla administrators to look over the current questions, make sure they’re up to date, and add any new questions that need to be added!

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

01. February 2008

Release of Bugzilla 3.1.3

by Bugzilla Team

3.1.3

Bugzilla 3.1.3 has had massive changes: among those, a fresh new user interface for editing bugs and experimental support for Oracle databases (caution: read the Status Update before using Oracle with Bugzilla). This release should be considered unstable and only used in testing environments.

08. January 2008

Release of Bugzilla 3.0.3

by Bugzilla Team

3.0.3

Bugzilla 3.0.3 is the last stable release of the 3.0.x series. In addition to various bug fixes, it contains important performance improvements for mod_perl installations.

There is no development release at this time, as the current CVS HEAD code is not stable enough even for a development release.

18. September 2007

Release of Bugzilla 3.0.2 and 3.1.2

by Bugzilla Team

We have two new releases, primarily to fix an important security issue discovered in the 3.0.x and 3.1.x series.

3.0.2

Bugzilla 3.0.2 contains the security fix and a few other minor bug fixes.

3.1.2

Bugzilla 3.1.2 also contains the security fix, but just like 3.1.1, it has had massive changes and received little or no testing. It should be considered unstable and only used in testing environments.

23. August 2007

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

We’ve released several releases today, and lots of exciting things are happening in the world of Bugzilla development!

3.0 was very stable, but 3.0.1 has a lot of great polish fixes for the 3.0 series, making it our best release ever.

3.1.1 has lots of new features, and you can read about it below, but it’s very unstable. We found critical bugs in it right up to the moment of release, so you definitely should not use it in a production environment.

2.22.3 fixes some critical bugs in the 2.22 series. 2.20.5 fixes one critical bug.

All of the releases also contain security fixes, which you can read about in the Security Advisory.

About Bugzilla 3.1.1

All of the other releases have release notes, but this one has lots of new features and no release notes! So here’s some highlights:

  • More fields in Atom-formatted bug lists.
  • Bugzilla includes some microformats on show_bug.cgi and a few other places.
  • Bugzilla is fully templatized now, with the templatization of sanitycheck.cgi.
  • The UI for editing a group in editgroups.cgi got a major overhaul.
  • You can save a column list with your Saved Searches now.
  • You can specify multiple fail-over LDAP servers for authentication.
  • process_bug.cgi is in the middle of a major overhaul. Most of its code is being moved into Bugzilla::Bug.
  • Bugzilla now uses InnoDB tables for MySQL.
  • Bugzilla now uses database transactions in several places.
  • Bugzilla now enforces referential integrity in several places at the database level.
  • Even more of checksetup.pl is now localizable.
  • checksetup.pl now prints out modules in the order they should be installed.
  • The various administrative control panel links have been removed from the footer in favor of a single “Administration” link that goes to a new page that has links to all the various administrative controls.
  • You can expand/collapse comments when viewing a bug.
  • You can limit the recursion level of dependency graphs, now.
  • You can now customize bug statuses and their relationships.
  • The “Help” system (usually seen on query.cgi) now should work in all browsers, not just Firefox.
  • You can now see what Components a user is the Default Assignee or QA Contact of when you edit the user as an administrator.
  • The Keywords box is now enhanced with JavaScript to make editing the field easier.
  • You can now see how many users have subscribed to your Saved Search.
  • If you have a bug in groups and you move it to another product, Bugzilla is now more friendly about asking you what groups you want the bug to be/remain in.
  • If you have usemenuforusers turned on, Bugzilla will now show a drop-down box for flag requestees containing only people in the grant group.
  • Saved Searches now list what group they are shared to, in the list of searches you can select from.
  • Bugzilla now supports RADIUS authentication.
  • You can now have icons placed next to users who are in certain groups.
  • Bugzilla now requires Perl 5.8.1 or newer.
  • Bugzilla now has a new look that you can choose with the “Dusk” skin.
  • The [%# [email protected] %] comments at the top of every template file have been removed, as we never used them for their intended purpose.
  • The languages parameter has been removed. Bugzilla now just reads the contents of the template/ directory to discover what languages are installed.

Remember though that most of these features haven’t received any testing at all! So they might not even work. But we encourage you to test this release and file bugs if you find things that are broken!

Development Schedule for 3.2

We’ve changed our schedule to accomodate our current development and our goals for Bugzilla 3.2.

Our “soft freeze” (where we don’t accept new feature patches, but we will work on finishing up bugs that we currently have in progress) is tentatively planned for September 21, and our “hard freeze” (where we don’t accept any new features at all) on October 2.

The more contributors we get, particularly in the area of Release and QA, the faster we can get this release out when it’s ready!

Upcoming EOL of Bugzilla 2.20

With the release of Bugzilla 3.2, the Bugzilla 2.20.x series will reach End Of Life, meaning that there won’t be any further bug-fix updates, even if critical security issues are discovered.

We recommend that all Bugzilla 2.20 users upgrade to 3.0.1 at their earliest convenience. Upgrade instructions are in the Bugzilla 3.0 Release Notes.

New Contributor Documentation

The documentation for people who want to contribute to Bugzilla has been completely overhauled! Check out our new contributor documentation.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

23. August 2007

Release of Bugzilla 3.0.1, 3.1.1, 2.22.3, and 2.20.5

by Bugzilla Team

Today the Bugzilla project has four releases!

3.0.1

Bugzilla 3.0.1 is the first bug-fix release for the 3.0 series. 3.0 was very stable, but 3.0.1 adds a lot of little polish fixes that greatly improve the experience of using Bugzilla.

3.1.1

Bugzilla 3.1.1 is our first development release toward Bugzilla 3.2. It has a huge number of new features, but is extremely unstable. It has not been tested, and should not be used in a production environment. It may fail in critical ways, or destroy your data. However, it is useful as a feature preview and for testing purposes.

2.22.3 and 2.20.5

Bugzilla 2.22.3 and Bugzilla 2.20.5 are security-fix and critical bug-fix releases for the 2.22 and 2.20 series. If you are using any 2.22 or 2.20 version, we strongly recommend you update to these versions.

Security Advisory

All four releases also contain security fixes, and so you should definitely update if you want your installation to remain secure. Read the Security Advisory for more details.

09. May 2007

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

After quite a bit of work, we’ve released Bugzilla 3.0! You can go read the release announcement for more details.

There’s also various other interesting news in Bugzilla land, see below for details.

About Bugzilla 3.0

Bugzilla 3.0 is very stable–we’ve had a long stabilizing cycle, 3.0rc1 got a lot of testing, and this release has been through our extensive QA process.

It has lots of new features. And, of course, we think you should read the release notes, because hey, they’re really useful! (And I spent a lot of time working on them!) (They’re even in HTML now, which is pretty cool.)

Future Releases

We’ve already done a lot of hacking away in terms of rearchitecture and adding new features toward 3.1, so 3.2 should be a very exciting release.

In general, having a good QA process has made us have to release far fewer bug-fix releases. The 2.22 series has been extremely stable, and so we expect the 3.0 series to be extremely stable as well.

Roadmap for Bugzilla 3.2

We have a roadmap for Bugzilla 3.2 that goes over the major new features we’d like to implement for 3.2. As you can see, there are a lot of new features there, and we’d love any help that we can get!

Development Schedule for 3.2

By our standard schedule, development for Bugzilla 3.2 enters a “soft freeze” on August 21 (where we don’t accept new feature patches, but we will work on finishing up bugs that we currently have in progress), and a “hard freeze” (where we don’t accept any new features) on September 4.

The more contributors we get, particularly in the area of Release and QA, the faster we can get this release out when it’s ready!

EOL of Bugzilla 2.18

We sent out the EOL announcement for Bugzilla 2.18, so users of Bugzilla 2.18 or 2.18.x should now all know that there won’t be any new releases in the 2.18 series, even if there are security bugs discovered in a 2.18 release.

We recommend that all Bugzilla 2.18 users upgrade to 3.0, at their earliest convenience. Upgrade instructions are in the Bugzilla 3.0 Release Notes.

Updated “Features” Page

For a while, the features page had been out-of-date, reflecting the features of Bugzilla 2.18. Now it’s fully up-to-date with all of the features of Bugzilla 3.0, and it’s pretty impressive! If you need help “selling” Bugzilla at your organization, feel free to point people at the updated features page!

T-Shirt for 3000th Announce List Subscriber

We sent a free Bugzilla t-shirt to the 3000th subscriber to our announcement list, Rich Gibbs. 3000 subscribers to the announce list shows a huge increase in the number of subscribers in just the past year. Despite there being more and more bug-trackers on the market, Bugzilla is still gaining in popularity!

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

09. May 2007

Release of Bugzilla 3.0!

by Bugzilla Team

In 1998, the first open-source version of Bugzilla, 2.0, was released to the world without much fanfare, just this little post on the netscape.public.mozilla.announce newsgroup.

Nine years later, Bugzilla is used by thousands of companies around the world with millions of total users. It has become the de-facto standard in open-source bug tracking. Thousands of companies have moved away from their costly commercial bug-tracking systems to Bugzilla, usually finding Bugzilla more flexible and more full-featured than the system they’d been paying thousands or hundreds of thousands of dollars for, and proving that open source software really can produce a competitive product.

Today, the Bugzilla Project is extremely proud to announce the release of Bugzilla 3.0, and just like Terry said in 1998, “We like the new version much better, and hope you will too.”

Here’s just a sampling of the major new features in version 3.0:

  • Custom Fields
  • mod_perl support for greatly-improved performance
  • Per-Product Permissions
  • XML-RPC Interface
  • Create and Modify Bugs by Email
  • and much, much more…

Bugzilla 3.0 also has a much-improved code base over previous versions of Bugzilla. Improvements are still happening, but long-time customizers and coders of Bugzilla will notice significant improvements. And if you haven’t seen Bugzilla code since 2.16 or so, prepare to be (pleasantly) surprised!

As always, we welcome open source contributors to Bugzilla, which is made entirely by volunteers around the world. You too can be part of the team that makes a product used by thousands of people daily.