Blog

Want to always keep up-to-date with Bugzilla news? Subscribe to announce@bugzilla.org, a read-only mailing list where we'll post announcements about new versions of Bugzilla and security advisories.

Browse Archives »

You can also see what's going on in the project by looking at the notes of, or watching the video of, our monthly developer meetings.

Loading the upcoming event

06. November 2008

Release of Bugzilla 3.2rc2, 3.0.6, 2.22.6, and 2.20.7

by Bugzilla Team

Today there are four releases of Bugzilla!

The biggest release is Bugzilla 3.2rc2. There have been a lot of changes since 3.2rc1, particularly in the UI, so we wanted to put out another release candidate to get feedback. If all goes well with this release candidate, it should become 3.2 final in a few weeks with very few changes. 3.2rc2 is stable enough to use in small production environments, but major installations should wait for 3.2 final before upgrading.

We fixed a security bug in all releases that are coming out today, so there is also a Security Advisory to read.

Other than 3.2rc2, there are three other releases: 3.0.6, 2.22.6, and 2.20.7. 3.0.6 has some minor bug fixes, 2.22.6 brings Perl 5.10 compatibility to the 2.22 series, and 2.20.7 is just a security release.

12. August 2008

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

Today we released three versions of Bugzilla: 3.0.5, 3.2rc1, and 2.22.5.

3.0.5 has general bug fixes and small polishes for the 3.0.x series.

3.2rc1 is our first release candidate for 3.2, and if everything goes well, we expect our next release to be 3.2.

2.22.5 only contains a security fix, the same security fix that all today’s releases contain. You can read more about it in the Security Advisory.

About Bugzilla 3.2rc1

The major difference between a Release Candidate and a development release is that a Release Candidate goes through QA. Also, a Release Candidate has Release Notes so you can see all the new features we’ve added, and any other things that you should know about.

Not all of our automated QA scripts have been updated yet for 3.2, but 3.2rc1 has passed all of the automated QA tests that are currently available. Our QA Team could always use help, if you’re interested.

3.2rc1 should be fairly stable, but of course it is not a final release. We encourage people to go out and install it in a test environment, but important installations should not be using it in production.

Work Toward Bugzilla 4

If you were paying attention closely, you may have noticed that we branched for Bugzilla 3.2 some time ago. The Bugzilla 3.2 code lives on a branch called BUGZILLA-3_2-BRANCH, and the current CVS HEAD has a version of 3.3.

Usually we wait for a Release Candidate to branch, but this time we branched as soon as we were frozen for 3.2, to encourage further feature development toward Bugzilla 4. (Bugzilla 3.3 will most likely become Bugzilla 4, although there may be a 3.4 release before Bugzilla 4.)

Generally, you really should not be using 3.3, as that’s our super-unstable, bleeding-edge code.

The major focus of Bugzilla 4 is integration. We want to have a full XML-RPC API and a powerful extensions system for Bugzilla. Our general plans for Bugzilla 4 can be seen on the Bugzilla Roadmap.

Bugzilla 2.20 Series End of Life

When Bugzilla 3.2 final is released, the Bugzilla 2.20 series will reach End Of Life, meaning that no future security or bug fixes will be issued for 2.20 installations. We strongly advise Bugzilla administrators to upgrade their installations to version 3.0.5.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

12. August 2008

Release of Bugzilla 3.2rc1, 3.0.5, and 2.22.5

by Bugzilla Team

There are three releases of Bugzilla today. See our Status Update for details about the releases and information about what’s going on in the Bugzilla Project.

Bugzilla 3.2rc1 is our first Release Candidate for Bugzilla 3.2. If everything goes well with this release, Bugzilla 3.2 should be released soon.

Bugzilla 3.0.5 is a bug-fix and polish release for the 3.0.x series.

Bugzilla 2.22.5 is a security-only release, with no other fixes or changes.

All of today’s releases include one security fix. See the Security Advisory for details.

04. May 2008

Status Update

by ()

Introduction and Updates

We’ve released four releases today: 3.0.4, 3.1.4, 2.22.4 and 2.20.6

A few security vulnerabilities were discovered in the four branches which you can read about in the Security Advisory.

About Bugzilla 3.1.4

3.1.4 is a lot more stable than 3.1.3 was, but it’s still not a final release, so we don’t recommend using it in a production environment. In particular, anybody using Oracle with Bugzilla should be extremely cautious about using this version of Bugzilla.

Here are a few significant enhancements in this release compared to 3.1.3:

  • The bug editing form has been redesigned.
  • Using ‘Test’ in mail_delivery_method now generates valid mbox file so you can easily perform QA tests.
  • Bugmail threading in email clients has been enhanced.
  • SMTP authentication is now supported.
  • A user who has product-specific editbugs privileges for all bugs listed in a bug list can now use the “Change several bugs at once” link to do mass-changes.
  • Custom fields can now be deleted if they have never been used.
  • More and more of Bugzilla now works correctly with multi-byte languages. Also, many UTF-8 problems from 3.1.3 have been fixed.
  • There have been various performance improvements in database access.

We encourage you to test this release and file bugs if you find things that are broken!

Our next development release should be 3.2 RC1, with an estimated release date in the second quarter of 2008. Stay tuned!

Bugzilla 2.20 Series End of Life

We would warn you that Bugzilla 2.20 series will soon reach End Of Life, meaning that no future security or bug fixes will be issued for 2.20 installations. We strongly advise Bugzilla administrators to upgrade their installations to version 3.0.4.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

04. May 2008

Release of Bugzilla 3.0.4, 3.1.4, 2.22.4 and 2.20.6

by Bugzilla Team

Today we have four Bugzilla releases! Read below and in our Status Update for details!

Security Advisory

All of these releases contain security fixes, and so you should definitely upgrade if you are affected by the fixed vulnerabilities. Read the Security Advisory for more details.

3.0.4

Bugzilla 3.0.4 is the latest stable release of Bugzilla. It contains several bug fixes and minor improvements over 3.0.3. Any installation currently running any 3.0.x version is encouraged to upgrade to 3.0.4.

3.1.4

Bugzilla 3.1.4 is our latest development release. It is considerably more stable than 3.1.3, but is still not recommended for production environments. Use this release at your own risk.

2.22.4 and 2.20.6

Bugzilla 2.22.4 and Bugzilla 2.20.6 are security-fix releases for the 2.22 and 2.20 series. If you are using any 2.22 or 2.20 version, we strongly recommend you update to these versions.

01. February 2008

Status Update

by () and Max Kanat-Alexander (mkanat)

Introduction and Updates

When we released 3.0.3, Bugzilla 3.1.3 wasn’t quite ready to release. But today, few weeks after the 3.0.3 all the features we wanted for this development release are ready, and so we’re releasing today!

3.1.3 has lots of new features as you can read about it below, but it’s still unstable, so you definitely should not use it in a production environment.

About Bugzilla 3.1.3

Here are some highlights:

  • Bugzilla now has experimental support for Oracle databases. Please note that you cannot currently upgrade an Oracle database. That is, if you install Bugzilla on Oracle, you will have to drop the entire database to upgrade to any new version. This will probably be fixed before the final release of 3.2.
  • The user interface for editing bugs has been redesigned. It will be even better in the final release of Bugzilla 3.2.
  • Huge performance and memory improvements for mod_perl users (same fix that was in 3.0.3.)
  • Incoming bugmail is now converted to UTF-8.
  • Bugzilla now uses transactions instead of locking the database tables.
  • Various LDAP handling improvements.
  • Plugins can now extend the Webservice interface.
  • There’s now a tool to auto-install missing Perl packages on non-Windows systems. It can install to a local directory, so you don’t even have to be root or modify your system’s Perl installation.
  • Mid-Air Collision protection for attachments.
  • Many useless intermediate pages have been removed, especially in admin pages.
  • You can now add comments to bugs using XML-RPC.
  • New custom field type: Date/Time field, with a JavaScript widget for picking a date.
  • You can now reverse the sort of a buglist by clicking on a header twice.
  • Bugzilla’s support for multi-byte languages has greatly improved. We did this by making Bugzilla treat strings as “characters” instead of as “bytes.”

Also, if you’ve ever looked at the code for process_bug.cgi, we encourage you to look at its code in this new release and see how different it is!

We encourage you to test this release and file bugs if you find things that are broken!

Documentation

The documentation has been improved: many new sections that were missing were added and most of the user interface pages have now links towards the appropriate section.

The New User Experience Team

Bugzilla now has a User Experience Team that focuses on improving Bugzilla’s user interface and the general experience that users have. If you’re interested in helping out, email the team leader, Guy Pyrzak!

The New Localization Team

Bugzilla now has a team of contributors that focuses on making Bugzilla easier to localize. They are currently researching what things need to be done to improve Bugzilla’s localizability. The team’s coordinator is Vitaly Fedrushkov from Russia (SnowyOwl on IRC). If you are interested in helping out, let him know on IRC, or let one of the Bugzilla developers know and they will pass it on to him.

FAQ Moved to the Wiki

For the Bugzilla 3.2 documentation, we’ve decided to move the Bugzilla FAQ onto our wiki. You can see it here: Bugzilla:FAQ. We encourage any experienced Bugzilla administrators to look over the current questions, make sure they’re up to date, and add any new questions that need to be added!

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide. You might also want to contribute to other Bugzilla areas.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.

01. February 2008

Release of Bugzilla 3.1.3

by Bugzilla Team

3.1.3

Bugzilla 3.1.3 has had massive changes: among those, a fresh new user interface for editing bugs and experimental support for Oracle databases (caution: read the Status Update before using Oracle with Bugzilla). This release should be considered unstable and only used in testing environments.

08. January 2008

Release of Bugzilla 3.0.3

by Bugzilla Team

3.0.3

Bugzilla 3.0.3 is the last stable release of the 3.0.x series. In addition to various bug fixes, it contains important performance improvements for mod_perl installations.

There is no development release at this time, as the current CVS HEAD code is not stable enough even for a development release.

18. September 2007

Release of Bugzilla 3.0.2 and 3.1.2

by Bugzilla Team

We have two new releases, primarily to fix an important security issue discovered in the 3.0.x and 3.1.x series.

3.0.2

Bugzilla 3.0.2 contains the security fix and a few other minor bug fixes.

3.1.2

Bugzilla 3.1.2 also contains the security fix, but just like 3.1.1, it has had massive changes and received little or no testing. It should be considered unstable and only used in testing environments.

23. August 2007

Status Update

by Max Kanat-Alexander (mkanat)

Introduction and Updates

We’ve released several releases today, and lots of exciting things are happening in the world of Bugzilla development!

3.0 was very stable, but 3.0.1 has a lot of great polish fixes for the 3.0 series, making it our best release ever.

3.1.1 has lots of new features, and you can read about it below, but it’s very unstable. We found critical bugs in it right up to the moment of release, so you definitely should not use it in a production environment.

2.22.3 fixes some critical bugs in the 2.22 series. 2.20.5 fixes one critical bug.

All of the releases also contain security fixes, which you can read about in the Security Advisory.

About Bugzilla 3.1.1

All of the other releases have release notes, but this one has lots of new features and no release notes! So here’s some highlights:

  • More fields in Atom-formatted bug lists.
  • Bugzilla includes some microformats on show_bug.cgi and a few other places.
  • Bugzilla is fully templatized now, with the templatization of sanitycheck.cgi.
  • The UI for editing a group in editgroups.cgi got a major overhaul.
  • You can save a column list with your Saved Searches now.
  • You can specify multiple fail-over LDAP servers for authentication.
  • process_bug.cgi is in the middle of a major overhaul. Most of its code is being moved into Bugzilla::Bug.
  • Bugzilla now uses InnoDB tables for MySQL.
  • Bugzilla now uses database transactions in several places.
  • Bugzilla now enforces referential integrity in several places at the database level.
  • Even more of checksetup.pl is now localizable.
  • checksetup.pl now prints out modules in the order they should be installed.
  • The various administrative control panel links have been removed from the footer in favor of a single “Administration” link that goes to a new page that has links to all the various administrative controls.
  • You can expand/collapse comments when viewing a bug.
  • You can limit the recursion level of dependency graphs, now.
  • You can now customize bug statuses and their relationships.
  • The “Help” system (usually seen on query.cgi) now should work in all browsers, not just Firefox.
  • You can now see what Components a user is the Default Assignee or QA Contact of when you edit the user as an administrator.
  • The Keywords box is now enhanced with JavaScript to make editing the field easier.
  • You can now see how many users have subscribed to your Saved Search.
  • If you have a bug in groups and you move it to another product, Bugzilla is now more friendly about asking you what groups you want the bug to be/remain in.
  • If you have usemenuforusers turned on, Bugzilla will now show a drop-down box for flag requestees containing only people in the grant group.
  • Saved Searches now list what group they are shared to, in the list of searches you can select from.
  • Bugzilla now supports RADIUS authentication.
  • You can now have icons placed next to users who are in certain groups.
  • Bugzilla now requires Perl 5.8.1 or newer.
  • Bugzilla now has a new look that you can choose with the “Dusk” skin.
  • The [%# [email protected] %] comments at the top of every template file have been removed, as we never used them for their intended purpose.
  • The languages parameter has been removed. Bugzilla now just reads the contents of the template/ directory to discover what languages are installed.

Remember though that most of these features haven’t received any testing at all! So they might not even work. But we encourage you to test this release and file bugs if you find things that are broken!

Development Schedule for 3.2

We’ve changed our schedule to accomodate our current development and our goals for Bugzilla 3.2.

Our “soft freeze” (where we don’t accept new feature patches, but we will work on finishing up bugs that we currently have in progress) is tentatively planned for September 21, and our “hard freeze” (where we don’t accept any new features at all) on October 2.

The more contributors we get, particularly in the area of Release and QA, the faster we can get this release out when it’s ready!

Upcoming EOL of Bugzilla 2.20

With the release of Bugzilla 3.2, the Bugzilla 2.20.x series will reach End Of Life, meaning that there won’t be any further bug-fix updates, even if critical security issues are discovered.

We recommend that all Bugzilla 2.20 users upgrade to 3.0.1 at their earliest convenience. Upgrade instructions are in the Bugzilla 3.0 Release Notes.

New Contributor Documentation

The documentation for people who want to contribute to Bugzilla has been completely overhauled! Check out our new contributor documentation.

Stay Updated About Bugzilla

As usual, we’d like to remind all Bugzilla administrators that to assist them in keeping up-to-date with release announcements and security advisories, we provide an ultra-low-volume administrator mailing list ([email protected]). We advise all Bugzilla administrators to subscribe so they can keep up with important Bugzilla announcements.

Those looking to get involved with Bugzilla development may want to consider joining the developers list ([email protected]). This list offers discussion on new features and issues. Developers are invited to subscribe to the list. You may also want to read our Contributor’s Guide.

Bugzilla Meetings

Come to our meetings every month! Anybody is welcome to attend who is interested in helping out with the Bugzilla Project, or just anybody who wants to put in their two cents on how development should go.

You can learn more about the meetings at the wiki page about Bugzilla Meetings.