Return-Path: X-Original-To: apmail-couchdb-commits-archive@www.apache.org Delivered-To: apmail-couchdb-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CF50811F81 for ; Thu, 21 Aug 2014 23:45:27 +0000 (UTC) Received: (qmail 13295 invoked by uid 500); 21 Aug 2014 23:45:27 -0000 Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org Received: (qmail 13100 invoked by uid 500); 21 Aug 2014 23:45:27 -0000 Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list commits@couchdb.apache.org Received: (qmail 13078 invoked by uid 99); 21 Aug 2014 23:45:27 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Aug 2014 23:45:27 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 5F5FB9C740B; Thu, 21 Aug 2014 23:45:27 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: dch@apache.org To: commits@couchdb.apache.org Date: Thu, 21 Aug 2014 23:45:28 -0000 Message-Id: In-Reply-To: <3018c02dd24a4bc985a826ce7d398dd1@git.apache.org> References: <3018c02dd24a4bc985a826ce7d398dd1@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/2] couchdb commit: updated refs/heads/1.6.x to 31dc596 docs: include release notes for improved handling of admin password hashing - closes COUCHDB-2298 - closes COUCHDB-2299 Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/31dc5960 Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/31dc5960 Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/31dc5960 Branch: refs/heads/1.6.x Commit: 31dc5960d418e17eb454563330338abfd5fbbc23 Parents: 5e46f3b Author: Dave Cottlehuber Authored: Fri Aug 22 00:18:11 2014 +0200 Committer: Dave Cottlehuber Committed: Fri Aug 22 01:09:36 2014 +0200 ---------------------------------------------------------------------- share/doc/src/whatsnew/1.6.rst | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/31dc5960/share/doc/src/whatsnew/1.6.rst ---------------------------------------------------------------------- diff --git a/share/doc/src/whatsnew/1.6.rst b/share/doc/src/whatsnew/1.6.rst index a7bdd21..6900215 100644 --- a/share/doc/src/whatsnew/1.6.rst +++ b/share/doc/src/whatsnew/1.6.rst @@ -21,26 +21,36 @@ :depth: 1 :local: +.. warning:: + + :ref:`release/1.6.1` contains important patches to hash of passwords on + restart. The previous :ref:`release/1.6.0` release is not recommended for + usage as certain edge cases with admin passwords may prevent CouchDB from + starting. + .. _release/1.6.x/upgrade: -Upgrade Notes -============= +Deprecations +============ The :ref:`Proxy Authentication ` handler was renamed to -``proxy_authentication_handler`` to follow the ``*_authentication_handler`` form +``proxy_authentication_handler`` to follow the ``*_authentication_handler`` from of all other handlers. The old ``proxy_authentification_handler`` name is marked -as deprecated and will be removed in future releases. It's strongly recommended -to update :config:option:`httpd/authentication_handlers` option with new value -in case if you had used such handler. +as deprecated and will be removed in future releases. It's highly recommended +to update :config:option:`httpd/authentication_handlers` option with the new +value if you have used such a handler. .. _release/1.6.1: Version 1.6.1 ============= -bugfix release: +A bugfix release to handle various edge cases related to admin password hashing. -* Hash admin passwords stored in ``local.ini`` on startup :commit:`ed825d3`. +* :issue:`2298`: Hash plaintext admin passwords stored in ``local.ini`` on startup + :commit:`ed825d3`. +* :issue:`2299`: Filter out local admin users before updating password hash in + ``_users`` db :commit:`5e46f3b`. .. _release/1.6.0: