Release of Bugzilla 3.2.3 and 3.3.4

by Bugzilla Team

We are releasing two versions of Bugzilla, one bug-fix release for our stable branch, and one development release. All of today’s releases contain security fixes. We recommend that all Bugzilla administrators read the Security Advisory that was published along with these releases.

Bugzilla 3.2.3 is our latest stable release. It contains various useful bug fixes and security improvements:

• Download 3.2.3
• Release Notes for 3.2.3

Bugzilla 3.3.4 is an unstable development release. This release has not received QA testing from the Bugzilla Project, and should not be used in production environments. Development releases exist as previews of the features that the next major release of Bugzilla will contain. They also exist for testing purposes, to collect bug reports and feedback, so if you find a bug in this development release (or you don’t like how some feature works) please tell us.

For details on what’s new in this development release and what’s going on with the Bugzilla Project, see our latest Status Update.

• Download 3.3.4

Release of Bugzilla 3.2.2, 3.0.8, and 3.3.3

by Bugzilla Team

A critical bug was found in Bugzilla 3.2.1, 3.0.7, and 3.3.2 immediately after their release. If you are running these versions and your installation runs under mod_perl, it is very important that you upgrade to these new releases.

• Download 3.2.2
• 3.2.2 Release Notes
• Download 3.0.8
• 3.0.8 Release Notes
• Download 3.3.3

See today’s Security Advisory for details on the bug being fixed.

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

The Bugzilla Project has been making some really good progress lately. We’ve fixed all the oldest security bugs in Bugzilla with this set of releases, and we’ve also done a tremendous amount of feature development and general improvement work toward Bugzilla 3.4.

The security fixes in this upgrade are worth reading about, since some functionality in your Bugzilla may change after this upgrade, depending on how you choose to configure certain parameters. See the Security Advisory for Details.

About Bugzilla 3.3.2

Even though it’s only been a few weeks, we’ve done a tremendous amount of development between 3.3.1 and 3.3.2.

The Bugzilla Project is especially thankful to Canonical, who funded Everything Solved to add a bunch of new WebServices functions and an exciting new “See Also” field where you can put the URLs to bugs in other Bugzilla installations.

There are lots more features than just those, though. Here’s a summary of the major new enhancements in 3.3.2 since 3.3.1:

• Email addresses are now only displayed to logged-in users.
• Aliases are displayed instead of bug ids in the Depends On and Blocks lists, if the bugs have aliases.
• A “See Also” field that accepts URLs to Bugzilla bugs and Launchpad bugs, designed to allow you to refer to bugs in other installations. This won’t be getting any new functionality for Bugzilla 3.4, but future releases will automatically update the other Bugzilla to let it know that you set a See Also.
• New WebService methods: Bug.update_see_also, Bug.search, Bug.comments, Bugzilla.time
• The WebService Bug.get method now returns more fields.
• The WebService Bug.add_comment method now returns the comment_id of the added comment.
• More of Bugzilla now uses the shadow DB when possible.
• You now have the option to view more details information in time-tracking summary reports.

And we expect Bugzilla 3.4 to have a few more new features than those, too.

The current estimated release date for Bugzilla 3.4 is May 15, 2009, although that’s a very rough estimate and may change.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

Release of Bugzilla 3.2.1, 3.0.7, 2.22.7, and 3.3.2

by Bugzilla Team

Today we have some major security improvements for Bugzilla in the form of four releases. We strongly recommend that all Bugzilla administrators read the Security Advisory for these releases.

Bugzilla 3.2.1 is our latest stable release. It contains various useful bug fixes in addition to major security improvements:

• Download 3.2.1
• Release Notes for 3.2.1

Bugzilla 3.0.7 and Bugzilla 2.22.7 are security updates for their branches.

• Download 3.0.7
• Release Notes for 3.0.7
• Download 2.22.7
• Release Notes for 2.22.7

Bugzilla 3.3.2 is an unstable development release. In addition to the security fixes that all the other releases contain, this release contains numerous new features and improvements. For details on what’s new, see our latest Status Update.

Note that 3.3.2 is very unstable and should not be used in a production environment.

• Download 3.3.2

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

Today we have an unstable development release, Bugzilla 3.3.1. This is our first development snapshot toward Bugzilla 3.4. There aren’t any release notes yet for it, so we’re just going to talk about the release here in the status update and highlight a few of the new features.

About Bugzilla 3.3.1

Bugzilla 3.3.1 has been under development for quite some time. We branched for 3.4 in May of 2008, but our main development focus was still 3.2 until it was released. So 3.4 got some occasional new features for a long time, and then a lot of enhancements recently, after we released 3.2.

Bugzilla 3.4 is going to be a time-based release, meaning that we’re going to have a feature freeze on January 29 no matter how many features we have, or what the features look like. Hopefully this should allow us to release relatively quickly and have a Bugzilla 3.4 by May.

However, since we’re freezing very soon, it’s important that you let us know what you think about the new features! Either download the new development release or go check out the features using one of the “CVS” installations on landfill.

Here’s a list of some of the new features in 3.3.1:

• Users can now choose what time zone to display times in.
• New custom field type: Bug ID
• You can now show or hide particular custom fields based on the value of another field.
• The list of values for a drop-down or multi-select custom field can now be different depending on the value of another field.
• When you do a search, you will now see a basic description of what you searched for at the top of the bug list.
• New WebService functions: Bug.get_history, User.get
• You can now update the dependency fields when changing several bugs at once.
• You can now use drop-down custom fields as axises in reports.
• There is now an email preference that allows you to receive mail when a bug is newly created.
• You can now see summarized timetracking data at the bottom of a bug list.
• You can now re-order the columns of a bug list.
• Bugzilla now uses SHA-2 to store passwords in the database instead of the Unix crypt() function. This allows Bugzilla to recognize passwords longer than eight characters.
• Various parameters have been removed and replaced with Bugzilla behaving sensibly by default.
• The X-Bugzilla-Type header in bugmail now differentiates between bugmails for new bugs and bug updates.
• You can now add private comments when changing several bugs at once.
• Abbreviated data in bug lists is shown fully in tooltips.
• When you run checksetup.pl, it will re-write your localconfig file, update the comments, and remove any old variables automatically.
• If you try to put an invalid regular expression into any field that accepts a regex, Bugzilla will now throw an error instead of just failing on the database side.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

Release of Bugzilla 3.3.1

by Bugzilla Team

Bugzilla 3.3.1 is our first development snapshot of what will eventually become Bugzilla 3.4. Right now this snapshot should be consisdered very unstable–it has received no testing whatsoever. It is just here to give you an idea of what the new features in Bugzilla 3.4 will be like.

This is a fairly important period for feedback, since we will have a feature freeze for Bugzilla 3.4 on January 29–fairly soon. If you think a feature in 3.3.1 should work some other way, now is the time to let us know!

• Download 3.3.1
• Read our latest Status Update (lists new features present in 3.3.1).

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

Today is the release of our first major feature update since 3.0, Bugzilla 3.2! This status update will tell you a bit about Bugzilla 3.2, talk about some of its new features, and then talk about the road to Bugzilla 4.0.

About Bugzilla 3.2

3.2 has a lot of new features. In many ways, this is one of the releases that we’ve put the most “polish” into. After conquering a lot of major obstacles and doing lots of code clean-up to prepare for the Bugzilla 3.0 series, we were finally able to focus on a lot of usability issues and annoyances that we’ve always wanted to fix.

For example, we cleaned up the show\_bug.cgi UI, and thanks to the new UI, you can change the status of a bug and reassign it at the same time. We added mid-air collision protection to attachment updates. The Diff Viewer shows the line numbers of the files that are being patched. And lots of other great improvements that will be appreciated by long-term users and new users alike, on top of all the new major features that we added.

Bugzilla 3.2 Has Oracle Support

So, Bugzilla 3.2 is our first release to support Oracle as a database backend. It took a lot of work to support Oracle for this release, and we’re grateful that Oracle Corp. provided a developer to implement those changes.

Now, Bugzilla is an open-source project, and we don’t advocate using proprietary database systems. We’d still recommend that new Bugzilla installations use MySQL or PostgreSQL, if you can. However, if your company uses Oracle and can’t use anything else, now you can use Bugzilla!

Note that implementing Oracle support in Bugzilla was very complex, and so for Bugzilla 3.2, we’re only saying that we have “experimental” support for it. We’re aware of some bugs, and there may be other bugs we’re not aware of. However, we’re not aware of any major issues that would totally prevent an organization from using Bugzilla on Oracle.

The Road to Bugzilla 4.0

So, after we branched for 3.2, we wrote out a roadmap for Bugzilla 4.0. For Bugzilla 4.0, our focus is inter-Bugzilla communication and integration. That is, the ability for other tools to talk to Bugzilla, and for two Bugzilla installations to talk to each other. We want to have a greatly-improved WebServices interface for Bugzilla 4.0, among other features.

However, as we started to work toward these goals, it became apparent that they were too large for us to complete in one release cycle–we’d be waiting a year or two in order to get out Bugzilla 4.0, and we want to do regular releases.

So what we’ve decided is that Bugzilla 4.0 is a “feature-based release”–that is, we won’t call Bugzilla “4.0” until we actually achieve our roadmap. The roadmap may change somewhat between now and 4.0, but we still have to finish whatever’s on the roadmap to get to 4.0.

In the mean time, until we achieve those features, we are going to do time-based releases in the 3.x series. So, for example, we are going to freeze for 3.4 exactly two months after 3.2 is released, no matter what features 3.4 has at that time.

So, what you should be seeing from us in the near future are faster, smaller major releases, where we have a new major release approximately every six months, which is what we always wanted to do anyway. Then, after several of these smaller releases we will eventually reach the feature set required for 4.0, and that release will be called 4.0.

This whole system is an experiment, so if it doesn’t work we might change our plans. But these are our plans for now.

Bugzilla 2.20 Series End of Life

Now Bugzilla 3.2 final is released, the Bugzilla 2.20 series has reached End Of Life, meaning that no future security or bug fixes will be issued for 2.20 installations. We strongly advise Bugzilla administrators to upgrade their installations to version 3.2.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

Release of Bugzilla 3.2!

by Bugzilla Team

Today we are releasing the first major release of Bugzilla after 3.0, Bugzilla 3.2. Bugzilla 3.2 has an enormous number of new features, including some great user interface enhancements, custom statuses, new custom field types, Oracle support, and lots of other improvements.

• Download 3.2
• Read the Release Notes
• See a list of New Features in 3.2

You can also see our latest Status Update to find out what’s going on in the Bugzilla Project, our plans for Bugzilla 4.0, and all that.

The release of Bugzilla 3.2 means that the Bugzilla 2.20 series has now reached End-Of-Life. This means that no development will be done on the 2.20 series anymore, and no new 2.20 releases will be made, even if there are security holes in the 2.20 series.

NASA Uses Bugzilla for Endeavour Shuttle and International Space Station

by Bugzilla Team

On Friday, November 14, 2008, mission control at NASA had its first live use of a two new problem-tracking systems. These new systems are based on Bugzilla, with customizations by Everything Solved and the NASA Ames Research Center Human-Computer Interaction Group, with support from the San Jose State University Foundation.

The first piece of software is called PRACA (the Problem Reporting and Corrective Action System), and it is used to track problems discovered while building and testing shuttle components, so that mission control and various NASA departments can have problem-solving information at their fingertips.

PRACA will also be used for the future Constellation space program due to begin in 2010. It will replace 40 different database systems at various different departments of NASA, centralizing problem tracking for the Constellation program.

Another system based on Bugzilla, IFI (Items for Investigation), is used for tracking in-flight problems during International Space Station missions.

NASA has been an active contributor to the Bugzilla Project, funding the development of numerous upstream features in Bugzilla, including all of the new custom field types that will appear in Bugzilla 3.2, and even more custom field features that will appear in Bugzilla 3.4.

The Bugzilla Project is proud that it has been able to play such an important role in mankind’s exploration of space. We are happy that our open-source software may one day help us reach the stars.

Release of Bugzilla 3.2rc2, 3.0.6, 2.22.6, and 2.20.7

by Bugzilla Team

Today there are four releases of Bugzilla!

The biggest release is Bugzilla 3.2rc2. There have been a lot of changes since 3.2rc1, particularly in the UI, so we wanted to put out another release candidate to get feedback. If all goes well with this release candidate, it should become 3.2 final in a few weeks with very few changes. 3.2rc2 is stable enough to use in small production environments, but major installations should wait for 3.2 final before upgrading.

• Download 3.2rc2
• Read the Release Notes
• See a list of New Features in 3.2

We fixed a security bug in all releases that are coming out today, so there is also a Security Advisory to read.

Other than 3.2rc2, there are three other releases: 3.0.6, 2.22.6, and 2.20.7. 3.0.6 has some minor bug fixes, 2.22.6 brings Perl 5.10 compatibility to the 2.22 series, and 2.20.7 is just a security release.

• Download 3.0.6
• Read the 3.0.6 Release Notes
• Download 2.22.6
• Read the 2.22.6 Release Notes
• Download 2.20.7
• Read the 2.20.7 Release Notes