MantisBT 1.2.4 Released

Howdy all,

MantisBT 1.2.4 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release.

Gjoko Krstic of Zero Science Lab reported multiple vulnerabilities in the admin/upgrade_unattended.php script. Issue #12607 provides more detail on the vulnerabilities discovered. We thank Gjoko for his detailed assistance with testing, patching and answering questions. Please note that the /admin/ directory should be removed from all MantisBT installations after the installation or upgrade has been completed. This is particularly true for MantisBT installations accessible over the Internet.

Also included with 1.2.4 are some bug fixes relating to fonts in the MantisGraph plugin, SOAP API, CSV export, custom field values, relationship graphs, fields on the manage user page, built-in time tracking and the allow_reporter_close feature. This release includes updated translations for many languages and improved installation documentation in doc/INSTALL.

A full changelog for the 1.2.x series can be found on the official site:
http://www.mantisbt.org/bugs/changelog_page.php?version_id=112

The release is available for download at:
http://www.mantisbt.org/download.php

Cheers

16 thoughts on “MantisBT 1.2.4 Released”

  1. Why don’t you provide the ability to upgrade using patch files instead of recommending a delete/replace procedure?

    It’s as simple as creating a patch file: git diff release-1.2.3..release-1.2.4 > mantis-1.2.3-to-1.2.4.patch, and providing this file available for download: https://gist.github.com/741968

  2. Forgot to mention: you can then update your Mantis installation through a simple command: patch -p0 < mantis-1.2.3-to-1.2.4.patch. Much handier.

  3. @Wim: I don’t believe that would work on a Windows installation without also installing GIT. And would make another piece of unrelated software required to patch, which would be a little difficult.

    Don’t get me wrong, i wish they would release an incremental update zip as well. For those cases where i have customizations in files that weren’t updated. In the current process i have to always check to make sure the customizations don’t get overwritten.

  4. Congrats and thanks for all work done, btw In post like these, a link to :

    * Here’s how to simply update
    * Get updated Click here to download lates

    would benefit most readers of this page IMHO

  5. Forgot to mention: you can then update your Mantis installation through a simple command: patch -p0 < mantis-1.2.3-to-1.2.4.patch. Much handier.

    Thanks for this.

  6. Hi,
    I currenly have 1.1.2 version. I would like to upgrade 1.2.4 version but I have seen there’s lots of changes in the code as in the database structure. Is there any way to update my database for it to adapt to the new structure without lose information. Thanks for your help.

  7. @Styven Logout, backup code, attachments, database, and config, update code from latest version, go to the site and it will tell you on the login page that your schema is out of date, click and it will upgrade it for you.

  8. @vboctor does this work for mssql databses now as well? there are many people who have problems with upgrading from 1.1.x to any of the 1.2.x versions

  9. Vboctor, i already tryed all the upgrading steps from the managed module, it adds me the tables in the database that I need and I also adjust the data type of the fields that I need, but the tables and fields with no data leaves me with no data I’m always going to get errors query. I see that the dates camp there no longer datetime but int but when its upgrades doesn’t do the conversion, and also some problems with the category because now its handels on a separate table. If somebody had done a correct upgrade of a 1.1.x to an 1.2x version, i would be so thankful if you can help me. thanks for your information vboctor.

  10. Hi,I tried to install v1.2.4, but the email do not work, could you please tell how to set it?thanks!

  11. @Mark Hosang: Any serious server environment has the patch command installed. Patch files, in combination with version control, are the only sane system to update software. Deleting old code + unzipping new code is archaic, error prone and not as easily reversible in case the update breaks something.

  12. Great program. Keep up the good work. Have been using this for quite some time and it works very well.

  13. Congrats and thanks for all work done, btw In post like these, a link to :

    * Here’s how to simply update
    * Get updated Click here to download lates

    would benefit most readers of this page IMHO

Comments are closed.