Releases: bestpractical/rtir
6.0.1
RTIR 6.0.1 -- 2025-08-05
We're pleased to announce the general availability of RTIR 6.0.1.
RTIR 6.0.1 is a major compatibility release that updates RTIR to work with RT
6.0.1. This release focuses primarily on migrating RTIR's interface and
functionality to be compatible with RT 6's updated architecture, including
running with htmx, customization with page layouts, updated API methods, and
modernized interface components. RTIR 6.0.1 requires RT 6.0.1 to function properly.
Note that there was no RTIR 6.0.0 public release.
You can get the new release here:
https://download.bestpractical.com/pub/rt/release/RT-IR-6.0.1.tar.gz
SHA-256 sums
d3b5ecce1a647dada7df2af7958acf1ef3df831e6d28b18bf4558386a0b74a8d RT-IR-6.0.1.tar.gz
8337d7d8f0a18f3261508aab8e7f5b27d6039c6afc437a1ef9af2039d99434c1 RT-IR-6.0.1.tar.gz.asc
As with previous versions of RTIR, it's import to install with a matching
version of RT. The RTIR 6.0 series is compatible with the RT 6.0 series,
and for this version that means 6.0.1 for each. We are continuing the
practice of matching version numbers between RTIR and RT, which we started
with version 5.
If you are upgrading from a previous RTIR version, be sure to review the
RTIR UPGRADING-6.0 upgrade documentation:
https://docs.bestpractical.com/rtir/latest/UPGRADING-6.0.html
If you are also upgrading to RT 6.0.1, be sure to also read its
documentation, available at
https://docs.bestpractical.com/rt/latest/UPGRADING-6.0.html
General Updates and Fixes
- Update pages to use RT 6 page layouts for Create, Display, and Update
- Convert default RTIR homepage components to saved searches
- Add saved search option to identify RTIR searches
- Update interface to use RT 6 gearbox SVG instead of edit links
- Mark RTIR components as accessible for the homepage
- Preserve constituency settings in htmx saved searches
- Migrate Create/Display/Update pages to RT page layouts
- Show both incident and investigation widgets on incident create page
- Remove obsolete ticket edit page
- Remove Basics widget from ticket Advanced page
- Update Reply All pages to improve layout and appearance
- Update html and css to be compatible with RT 6
- Support to "unset" even if one radio is checked
- Only update RTIR search formats when format is available
- Migrate to default queue select in RTIR query builder
- Migrate Description custom field to ticket's core Description field
- Apply $DefaultQueue's display/value callbacks to $RTIR_DefaultQueue
- Clean up unused variables on incident create page
- Update old submit name "CreateWithInvestigation" to "InvestigationSubmitTicket"
- Update create_incident_and_investigation to reflect RT page layout change
- Note Owner change on children when an Incident is resolved
- Set Content only when a value is returned from transactions
- Explicitly mark HasIncident link as an RTIR search
- Shorten search queries to make URL more concise
- Use default format for BulkAbandon/BulkReject links on search pages
- Add necessary callbacks on Advanced page for TicketLocking extension
- Make /Views/Component/PageMenu work with RTIR
- Explicitly unset Format for BulkAbandon/BulkReject links
- Use different page layouts on Incidents based on Classification
- Update formatting for lookup tools for RT 6
- Make lookup buttons smaller to not overwhelm the page
- Add IPinfo.io as a lookup tool
- Add RTIR configs to RT system config edit page
- Add the missing title actions in LinkedQueues widget for constituency
- Remove the Iframe research tool config and pages
- Remove Bugtraq from default Feeds configuration
- Update the removed RTIR search results link to the RT version
- Move "rtir" CSS class to .main-container
- Update logo and body css class when updating pages via boosted requests
- Exclude tools that require a token from tests
- Document conversion of homepage components to searches
- Document the migration of Description custom field
Internals
- Update docker image for tests
- Update GitHub actions to use Node 20
- Move Menu() calls to the new PrivilegedMainNav callback
- Update initialdata for rights and dashboard changes in RT
- PopupTimerLink now requires a TicketObj to be passed
- MyRT now accepts a Dashboard object rather than Panes
- Update Saved Searches tests for RT changes
- CollectionAsTable now has a div in the td
- Update user link test for new avatar format
- Labels no longer have the trailing colons
- Update LimitToQueue to LimitToObjectId for templates and scrips
- Update to new Dashboard and SavedSearch methods and names
- Use RT 6 base Dockerfile for tests
- Require RT 6 in Makefile.PL
- RT 6 has non-blocking sessions, so no need to release
- Remove obsolete files that were for old Create/Display pages
- Remove deprecated/obsolete mason files
- Note the removal of the AfterTimeWorked callback
- No need to explicitly undef $agent any more
- Document DutyTeam and Owner default rights
- Document the format change for bulk operations
- Update RT 5 references to RT 6
A complete changelog is available from git by running:
git log 5.0.8..6.0.1
or visiting
5.0.8...6.0.1
5.0.8
RTIR 5.0.8 - 2025-05-02
RTIR 5.0.8 is now available for general use. The list of changes
included with this release is below. When upgrading RTIR, you should
also upgrade RT to version 5.0.8 for compatibility with this release and
to get new features and fixes in RT.
Note that there was no RTIR 5.0.7 public release.
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.8.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.8.tar.gz.asc
SHA-256 sums
e4fe63aeee4bbdc6ce93993a48ca64d7e6dfa5bc90ea4eaa843c7a43c8826bde RT-IR-5.0.8.tar.gz
a553fbe848fde6eff42a69a23adaf6970c66a5462d1f357b2cc1c309785c57c0 RT-IR-5.0.8.tar.gz.asc
General Updates and Fixes
- Support queue-level custom field groupings
- Add tests for 0.0.0.0, 0.0.0.0/0, and 1.0.0.0/0
- Improve IPv4 Regex
- Add tests for IPv6 all zero IPs
- Improve IPv6 Regex
- Test the important part of gpg warning message instead
- Update warning message tests for gpg 2.2
- Document WebStrictBrowserCache in RTIR config
- Apply CVE ID based on lifecycle rather than queue name
- Update test docker image to the latest version
- Limit constituency to find the correct incident queue on create page
- Fix custom field grouping by queue/category
- Correct ticket links in AttachReports
- Unapply Incidents Processes class globally
A complete changelog is available from git by running:
git log 5.0.6..5.0.8
or visiting
5.0.6...5.0.8
4.0.4
RTIR 4.0.4 - 2025-05-02
RTIR 4.0.4 is now available. The list of changes included
with this release is below.
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.4.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.4.tar.gz.asc
SHA-256 sums
6ce2273c31ce729d34900c94dc2da1735226d178d6127ad4fd5ed465e22aa824 RT-IR-4.0.4.tar.gz
b0dbc236761de311d1279d9b36573d8f019bf2682548488940aa4090dd351cf7 RT-IR-4.0.4.tar.gz.asc
General Updates and Fixes
- Support queue-level custom field groupings
- Add tests for 0.0.0.0, 0.0.0.0/0, and 1.0.0.0/0
- Improve IPv4 Regex
- Add tests for IPv6 all zero IPs
- Improve IPv6 Regex
- Test the important part of gpg warning message instead
- Update warning message tests for gpg 2.2
- Correct ticket links in AttachReports
A complete changelog is available from git by running:
git log 4.0.3..4.0.4
or visiting
4.0.3...4.0.4
5.0.6
RTIR 5.0.6 - 2024-05-06
RTIR 5.0.6 is now available for general use. The list of changes
included with this release is below. When upgrading RTIR, you should
also upgrade RT to version 5.0.6 for compatibility with this release and
to get new features and fixes in RT.
Note that there was no RTIR 5.0.5 public release.
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.6.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.6.tar.gz.asc
SHA-256 sums
95810631c7f9dde58744d3bd9e9a8c9602b48d64d3c763032e6c4f7ac16b4848 RT-IR-5.0.6.tar.gz
ad6380624307a853e9b5cc37df08ba32f5c5d15235d74dc8d18ac17a5c28bf3a RT-IR-5.0.6.tar.gz.asc
Strict Browser Cache Configuration Option
CVE-2024-3262 describes previously viewed pages being stored in the
browser cache, which is the typical default behavior of most browsers to
enable the "back" button. Someone who gains access to a host computer could
potentially view ticket data using the back button, even after logging out
of RT. The CVE specifically references RT version 4.4.1, but this behavior
is present in most browsers viewing all versions of RT before 5.0.6.
RT 5.0.6 adds a new configuration option, $WebStrictBrowserCache, which
instructs the browser not to cache page content from RT. If you run RT,
including RTIR, with highly sensitive ticket data, you can enable this new
option to prevent browser caching. The default is still disabled, to
allow for normal browser functionality, so you need to enable this option
to run with the new feature.
This new option is implemented in RT 5.0.6, so you need to upgrade RT to
use the feature. As noted above, it's always recommended to upgrade both
RT and RTIR to keep them on compatible versions.
General Updates and Fixes
- Support to show assets on create/display
- Migrate CVE API of NVD to version 2.0
- Selectize user email inputs on create pages
- Document WebStrictBrowserCache in RTIR config
Internals
- Implement incident with simultaneous investigation creation test
- Build from new RT 5.0.4 image
- Disable buildkit to continue using the local network feature
- Update tests to remove the extra space from generated SQL
- Update testing docker image to Debian bullseye
A complete changelog is available from git by running:
git log 5.0.4..5.0.6
or visiting
5.0.4...5.0.6
5.0.4
RTIR 5.0.4 - 2023-05-04
RTIR 5.0.4 is now available for general use. The list of changes
included with this release is below. When upgrading RTIR, you
should also upgrade RT to version 5.0.4 for compatibility with
this release and to get all updates in RT.
May the Fourth be with you!
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.4.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.4.tar.gz.asc
SHA-256 sums
a00fd1a723d8a7b67d66227168dfac3958d8f805134ff540532276fbb25a496d RT-IR-5.0.4.tar.gz
dea6c11cedc49a97db8381338880506150408971dafc122a6bceb6aa40511c7d RT-IR-5.0.4.tar.gz.asc
General Updates and Fixes
- Set "How Reported" CF from CurrentInterface
- Create How Reported with valid values of CurrentInterface
- Adjust gnupg widget on reply incident page
- Add Process Articles for Classification
- Update upgrading instructions with Process Articles information
- Update RTIR Admin Tutorial with Process Articles information
- Add 'SeeCustomField' right to DutyTeam on Templates Articles class
- Note the right change for the Templates class
- Use consistent space among input rows for ticket forms
- Document the changes to RTIR_SetHowReported in UPGRADING
- Move "Templates" class creation from @Final to @classes
- End WHOIS commands with CRLF to avoid timeouts for whois searches
- Improve External Feeds message when no content found
Internals
- Use RTs perl from the base docker image
- Install dependencies with cpm
- Split build and test in github actions
- Test MariaDB current long term support version
- Test against a supported Postgresql version
- Run with 5 parallel processes like the core RT tests
A complete changelog is available from git by running:
git log 5.0.3..5.0.4
or visiting
5.0.3...5.0.4
Contributors
Assets 3
5.0.3
RTIR 5.0.3 - 2022-07-13
RTIR 5.0.3 is now available for general use. The list of changes
included with this release is below. In addition to the new features
and bug fixes listed below, this release contains security fixes.
When upgrading RTIR, you should also upgrade RT to version 5.0.3 for
compatibility with this release and to get security updates in RT.
Note that there was no RTIR 5.0.2 public release.
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.3.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.3.tar.gz.asc
SHA-256 sums
3f59e713cb439f33b3abbcc18226ee6ab9f782a3607317e0529e72dbe443f89f RT-IR-5.0.3.tar.gz
9b6b0610492443fb0f0abb7d945276e4fe6b1eceab43e240757a11ba162c3741 RT-IR-5.0.3.tar.gz.asc
Security
The following security issues are fixed in this release. Thanks to the
Polish Financial Supervision Authority IT Security Department (UKNF)
for reporting these issues.
-
RTIR's Whois lookup tool is vulnerable to server-side request forgery (SSRF).
It accepts queries in a way that could allow sending requests from the RTIR
server to a resource other than the intended whois server. Because the request
comes from the RTIR server, this could allow access to otherwise protected
resources. This vulnerability is assigned CVE-2022-25800. -
RTIR's Scripted Action tools is vulnerable to server-side request forgery
(SSRF) similar to the one described above. This vulnerability is assigned
CVE-2022-25801.
General Updates and Fixes
- Migrate RTIR homepage to dashboard
- Update ticket search value quoting to align with new RT search options
- Support to hide unset fields on display pages
- Remove the yellow border in warning message box
- Add UPGRADING note about the change to dashboard RTIR homepage
- Support to configure RTIR homepage globally
- Add UPGRADING note about the global "RTIR at a glance" configuration page
- Add tooltip to select incident text input if it's below the label
- Skip default "Content" custom field when inserting articles from "Templates"
- Replace discontinued Security Focus feed with Full Disclosure
- Document deselecting the Content CF
- Extract IP from more attachments if main content doesn't have any.
- Allow users to comment on Incidents when resolving
- Add the missing "?" delimiter for "New ..." menu links on FromIncident page
- Add Custom Field "CVE ID" to keep track of CVE
- Add CVE widget to show info from nvd.nist.gov
- Extract CVE IDs from content
- Add upgrading notes for CVE ID
- Add ticket id info to "Back to ..." search page menus
- Migrate plain checkboxes to bootstrap's custom-checkbox for consistency
- Make ticket updates atomic on edit page
- Document atomic change in Upgrading doc
- Update TimeWorked for incident only on incident reply/resolve pages
- Document changes to message and time processing
Internals
- Add maps from default to/from RTIR lifecycles
- Update tests for the migration of Homepage => dashboard
- Add callbacks to the feed listing and display pages
- Add necessary callbacks for MandatoryOnTransition
- Load queue object in GetRTIRDefaultQueue to make sure it's valid and visible
- Add tests for default RTIR queue rights check
- Add EndOfBasics callback to ticket display pages
- Test IP extraction from more attachments
- Test CVE ID extraction
- Call ProcessUpdateMessage first to update TimeWorked on incident display page
A complete changelog is available from git by running:
git log 5.0.1..5.0.3
or visiting
5.0.1...5.0.3
4.0.3
RTIR 4.0.3 - 2022-07-13
RTIR 4.0.3 is now available, primarily providing bug fixes. The list of
changes included with this release is below. In addition to the
bug fixes listed below, this release contains security fixes.
When upgrading RTIR, you should also upgrade RT to version 4.4.6 for
compatibility with this release and to get security updates in RT.
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.3.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.3.tar.gz.asc
SHA-256 sums
2c6a57ff0da877f40b81d7d24c27609d350251ecfa97534e6657349a14bf10aa RT-IR-4.0.3.tar.gz
a9ed2484fe64ab3e12380e055659b7bdb9c743619e5d2d77883b5709c8ccd944 RT-IR-4.0.3.tar.gz.asc
Security
The following security issues are fixed in this release. Thanks to the
Polish Financial Supervision Authority IT Security Department (UKNF)
for reporting these issues.
-
RTIR's Whois lookup tool is vulnerable to server-side request forgery (SSRF).
It accepts queries in a way that could allow sending requests from the RTIR
server to a resource other than the intended whois server. Because the request
comes from the RTIR server, this could allow access to otherwise protected
resources. This vulnerability is assigned CVE-2022-25800. -
RTIR's Scripted Action tools is vulnerable to server-side request forgery
(SSRF) similar to the one described above. This vulnerability is assigned
CVE-2022-25801.
General Updates and Fixes
- Fix squelching functionality on update page
- Remove unavailable TrustedSource.org from $RTIRIframeResearchToolConfig
A complete changelog is available from git by running:
git log 4.0.2..4.0.3
or visiting
4.0.2...4.0.3
4.0.2
RTIR 4.0.2 - 2021-09-14
RTIR 4.0.2 is now available, primarily providing updates for compatibility
with RT 4.4.5. The list of changes included with this release is below.
If you upgrade RT to 4.4.5 on your RTIR instance, you also need to update
to RTIR 4.0.2.
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.2.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-4.0.2.tar.gz.asc
SHA-256 sums
f5c5575e4f54dba5c6ffff89f2d0a4f198f150652763f25168ecd93e026ec608 RT-IR-4.0.2.tar.gz
2a4ad7222fa73ac93a32bcd83f2b7a39d0892ae9c89ae954a0fd974cdc13278c RT-IR-4.0.2.tar.gz.asc
Changes
- Update ticket search value quoting for compatibility with RT 4.4.5
- Allow more whitespace when matching has_watchers anchor tags to
- Remove the bfk_dnslogger tool because it has been discontinued due to GDPR.
A complete changelog is available from git by running:
git log 4.0.1..4.0.2
or visiting
4.0.1...4.0.2
5.0.1
RTIR 5.0.1 - 2021-01-29
RTIR 5.0.1 is now available for general use. The list of changes
included with this release is below.
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.1.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.1.tar.gz.asc
SHA-256 sums
704e3c8c3f06492dd9f5b7003c6f8e9062b4556da58cb752ae3d1f37183715ed RT-IR-5.0.1.tar.gz
35e8342650b7ee842a32ec67234fac8dddead8e34c2f66c58f1a2bbd67372109 RT-IR-5.0.1.tar.gz.asc
General Updates and Fixes
- Add inline edit functionality to custom RTIR ticket pages
- Pass Requestors through queue selection modal if provided
- Handle emails with +tags in 'Investigate to' MakeClicky links
- Disable IncludeWebPath flag on ExteneralFeeds link generation
- Include full web path for RTIR page edit cog
- Move file attachment box below message box for consistency with RT
- For clarity, convert Incident report Take/Steal button from icon to text
- Don't override default empty messages if it's not RTIR queue
- Remove countermeasure queues from %LinkedQueuePortlets when disabled
- Customize search "Show Results" menu text for action pages to avoid confusion
- Fix Query used for "Edit Search" menu on merge pages
- Add ARG for /RTIR/Elements/ShowIncidents to add classes when in a form
A complete changelog is available from git by running:
git log 5.0.0..5.0.1
or visiting
5.0.0...5.0.1
5.0.0
RTIR 5.0.0 - 2020-07-17
We're pleased to announce the general availability of RTIR 5.0.0. This
release introduces a major update of the web UI, following the RT
update to the popular open source Bootstrap front-end toolkit. This
brings to RTIR (and RT) a modern, responsive layout, keeping all of
the familiar features of RTIR. Details on this and other changes and
new features are below.
You can get the new version here:
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.0.tar.gz
https://download.bestpractical.com/pub/rt/release/RT-IR-5.0.0.tar.gz.asc
SHA-256 sums
1230c6b689435bff5798431f740830aadedb98626a72bf51210dc648a0a675d4 RT-IR-5.0.0.tar.gz
72fbb7fc2534243890cc95a2f41dfc85e9d755649ac23735b369feab109b9be1 RT-IR-5.0.0.tar.gz.asc
As with previous versions of RTIR, it's import to install with a matching
version of RT. The RTIR 5.0 series is compatible with the RT 5.0 series.
If you have used past versions of RTIR, you'll know that in the past the
version numbers were independent, which could lead to some confusion. With
this new release, the major series version numbers between RTIR and RT are
the same and we hope this makes it easier to find compatible versions.
If you are upgrading from a previous RTIR version, be sure to review the
RTIR UPGRADING-5.0 upgrade documentation:
https://docs.bestpractical.com/rtir/5.0.0/UPGRADING-5.0.html
If you are also upgrading to RT 5.0.0, be sure to also read its
documentation, available at
https://docs.bestpractical.com/rt/5.0.0/UPGRADING-5.0.html
There were many, many changes throughout RTIR to support these major new
features. In addition to the theme updates, RTIR has a new feed reader,
the search and charting interface now uses RT's core search system,
and default custom field values now use RT's core default values feature.
Here is an abbreviated list of additional changes:
- Convert to Bootstrap as base web design framework, aligning with RT
- Remove table-based page layout and make design responsive
- Support RT's new elevator-light and elevator-dark themes
- Convert many on-screen hints/help to tooltips
- Add Fontawesome and update all icons to svg
- The main navigation menu for RTIR has been restored to the previous main
RTIR menu item, and this menu now appears next to the Home menu - Queue can now be selected on the ticket create page
- Use RT's LinkedQueuePortlets feature for linked queues on Incident display
- Add RTIR_DefaultQueue option to set a default queue in RTIR create pages
- Fix message box colors for reply/comment on reply pages
- Migrate to RT core search for RTIR search pages
- Use RT ListActions to show warnings for Incident reply page
- Remove hard coded width values for RTIR simple search
- Add Priority to RTIR portlets and orderby Priority 2nd
- Remove the session cache of the "RTIR at a glance" portlet lists
- Use new search selection interface for editing RTIR home page
- Update style on RTIR default reporting page
- Add new feature to display information from security feeds
- Convert Updates to new column map to show message count
- Link to RT ticket create on RTIR create pages
- Update testing infrastructure to Docker and TravisCI
- Restore Incident and Investigation create on one page
- Add new domain parsing to a custom field similar to IP parsing
- Use core default values instead of RTIR_CustomFieldsDefaults config
- Display RTIR::Ticket CF groupings on queue admin Default Values tab
- Add autocomplete for select Incident input
- Rename SelectIncident input from 'More' to 'Add'
- Remove the confusing incident Reply sub-menu link on Incident Reply pages
A complete changelog is available from git by running:
git log 4.0.1..5.0.0
or visiting
4.0.1...5.0.0