Several security vulnerabilities have been discovered in Ruby on Rails lately (read the announcement) and are fixed in all of these new Redmine releases. These vulnerabilities are considered critical, so upgrading as soon as possible is highly recommended.
These new releases are available at Rubyforge.
I am proud to announce that the new feature release Redmine 2.2.0 is available for download at Rubyforge. Here are the highlights:
- Private comments in issues
- Ability to allow subtasks in subprojects or other projects (can be turned on/off with a configurable scope)
- Issue relations improvements:
- Precedes/Follows relations take care of non working days when rescheduling issues (non working days can be configured in the application settings)
- Precedes/Follows relations now also move following issues when rescheduling an issue earlier
- A new relation "Copied from/to" is automatically added when copying issues
- You can now filter issues against their relations
- Relations can be displayed on the issue list
- Issue list improvements:
- The order of the group column can now be set
- An option lets you display the full issue descriptions on the issue list
- REST API additions: wiki pages, roles, priorities, user Impersonation
You can review all the changes in the Changelog. Redmine 2.1.5 is a maintenance release for the 2.1.x branch.
Thanks to all contributors!
Redmine 2.1.4 fixes 7 defects including an IE8 compatiblity issue. You can see the full list of changes in the Changelog and download this release at Rubyforge.
Redmine 2.1.2 is a maintenance release that fixes 12 defects and a XSS vulnerability discovered in Redmine 2.1.0 (Changelog).
It's available for download at Rubyforge.
Redmine 2.1.0 is the new feature release and is available for download at Rubyforge. It includes major and exclusive new features as well as many improvements and fixes. Here are the highlights:
- Issues and workflow improvements: you can now configure required and read-only issue fields per role, tracker and status. You can also disable core fields that you don't use on a per tracker basis.
- Issue list and filters: issues can now be filtered by custom fields defined on your projects (eg. say you have a "Customer" custom fields on your projects, you will be able to filter issues for a given customer across all projects)
- Thumbnails: you can enable the automatic display of thumbnails for images attached to an issue. And a new macro lets you add clickable thumbnails of an attached image in any formatted text (eg. wiki page, news...).
- Closed projects: a new permission is added to let project members close/reopen projects. Unlike archived projects, closed projects are still visible but the project and all its data (issues, wiki...) is read-only.
- Subtaks copy: when copying an issue, an option lets you copy subtasks too.
- REST API: Groups can now be managed through the resp API. And the REST API now supports JSONP in order to retrieve data from a server in a different domain
- Macros: macros can now accept an optional block of text, making it easy to define custom text processors.
- Internals: Redmine now uses JQuery instead of Prototype + scriptaculous
You can review the full list of changes and fixes in the changelog.
Redmine 2.0.4 is a last maintenance release for the 2.0.x branch. Redmine 1.4.x will be maintained for security updates until the end of 2012.
New maintenance releases are available for both 2.0.x and 1.4.x series. They include several bug fixes and a security updates for some new vulnerabilities found in all prior Rails versions.
- Redmine 2.0.3 (Changelog) is upgraded to the latest Rails 3.2.6.
- Redmine 1.4.4 (Changelog) includes a backported fix for these vulnerabilities (Rails 2.3.x is no longer maintained by the Rails team).
They can be downloaded at Rubyforge.
Both are maintenance releases that include a few bug fixes. They also include fixes for some vulnerabilities recently discovered in Ruby on Rails:
- Redmine 2.0.2 (Changelog) is upgraded to the latest Rails 3.2.5.
- Redmine 1.4.3 (Changelog) includes a fix for the vulnerability CVE-2012-2660 that affects Rails 2.3.14.
Redmine 2.0.1 is a maintenance release that fixes 11 issues. It's available for download at Rubyforge.
Redmine 2.0.0 drops Rails 2.3 (which is no longer maintained by the Rails team) in favour of the latest Rails 3 release, and it's now available for download at Rubyforge. New features will come with the next 2.1.0 release.
Efforts have been made to ease the upgrade of existing Redmine plugins but most of them will need a bit of work from their authors in order to be compatible with Rails 3. So if you're using some plugins, you may want to wait before switching to Redmine 2.x.