Redmine - Package Updates
Pinned
Redmine
-
You can use this thread to track updates to the Redmine package.
Please open issues in a separate topic instead of replying here.
-
[1.5.0]
- Use base image 2.0
-
[1.5.1]
- Update screenshots
- Add forum url
- Better post install message
-
[1.6.2]
- Update redmine to 4.1.2
- News announcement
- Security fixes: fix for a permission bypass in Issues API and a fix for private project name that can be leaked in issue journal details
-
[1.7.0]
- Update redmine to 4.2.0
- News announcement
- Use latest base image v3 (Ruby 2.7)
- Support for Git repositories with default branch "main"
- Show project tree instead of subprojects in the project selector when you create a new issue
- Allow newlines and quote characters within mail body delimiters
- Ability to set default value for "I don't want to be notified of changes that I make myself"
- Display more detailed error message when attempting to import malformed CSV file
- Move delete button for issues and journals to the dropdown menu
-
[1.7.1]
- Update redmine to 4.2.1
-
[1.7.2]
- Update testing to async
- Update redmine to 4.2.2
-
[1.7.3]
- Update redmine to 4.2.3
- News announcement
- contains security fixes of moderate severity
-
[1.8.0]
- Upgrade ruby to 2.7.2 as per requirements
-
[1.9.0]
- Fix installation and loading of plugins
-
[2.0.0]
- Breaking change: crontab support has been removed. If you had any cron tasks in
/app/data/crontab
, please move them
to the cron section of the app after updating. See https://docs.cloudron.io/apps/#cron for more information.
- Breaking change: crontab support has been removed. If you had any cron tasks in
-
[2.0.1]
- Update base image to 3.2.0
-
[2.0.2]
- Update redmine to 4.2.4
- News announcement
-
[2.0.3]
- Update redmine to 4.2.5
- News announcement
-
[3.0.0]
- Update redmine to 5.0.0
- News announcement
- Migrate to Rails 6.1 with Zeitwerk autoloading (#29914). Switching to Zeitwerk autoloader breaks some plugins and requires plugin developers to fix the compatibility issues.
- Introduced CommonMark Markdown (GitHub Flavored) formatter
- Users can be mention now using @ autocomplete by other users with add watchers permission (#13919). This a long awaited feature.
- Issue custom query: default query per instance, project and user (#7360). This a long awaited feature.
- Default project custom query: per instance and per user (#35795).
- Ability to add watchers to Wiki pages (#7652).
- Issues can now be filtered by notes (#5893) or by file description (#34715).
- "Contains" operator supports now multiple search items (#35764). Using wilcard characters (_ or %) is no longer supported (#35073).
- Two-factor authentication improvements: you can enable it only for certain groups (#31920) or for users with administration rights (#35439). Users list contains now the 2FA status as column and as filter option (#35934).
-
[3.0.1]
- Update redmine to 5.0.1
- News announcement
- an update to the latest Ruby on Rails 5.2.8 for 4.2.6 and Rails 6.1.6 for 5.0.1 that fixes CVE-2022-22577 and CVS-2022-27777.
- an update to nokogiri gem that fixes another 2 CVEs: CVE-2021-41098 and CVE-2021-30560
-
[3.1.0]
- Update redmine to 5.0.2
- News announcement
- Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in order to fix a remote code execution vulnerability. Because the fixed version of the gem doesn't support Ruby 2.5, those instances that are using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to update Ruby version to at least 2.6 because it's the only way to get the update and the fix. Also, the next major Redmine version (5.1.0) already dropped support for Ruby 2.5 (#37159).
- Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities
- Fixes unauthorised Information Leak in QueryAssociationColumn and QueryAssociationCustomFieldColumn when the user has no permission to view on the associated object
-
[3.1.1]
- Delete stale pid files on startup
-
[3.1.2]
- Update redmine to 5.0.3
- Security: Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in order to fix a remote code execution vulnerability. Because the fixed version of the gem doesn't support Ruby 2.5, those instances that are using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to update Ruby version to at least 2.6 because it's the only way to get the update and the fix. Also, the next major Redmine version (5.1.0) already dropped support for Ruby 2.5 (#37159).
- Security: Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities
- Security: Fixes unauthorised Information Leak in QueryAssociationColumn and QueryAssociationCustomFieldColumn when the user has no permission to view on the associated object