MantisBT 1.2.4 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release.
- 0011351: [administration] User Real Name and E-Mail values deleted (dhx) - closed. - 0011502: [bugtracker] No Close button for Reporter if allow_reporter_close is enabled (dhx) - closed. - 0010995: [reports] Graphs Plugin: Unable to read/find font (dhx) - closed. - 0012462: [documentation] Wrong instruction order for new installations (atrol) - closed. - 0011563: [plug-ins] Fatal error importing issues (dhx) - closed. - 0012601: [upgrade] Upgrading scripts sometimes fails with a server error in case of large databases (vboctor) - closed. - 0012174: [administration] Manage Columns not saving (daryn) - closed. - 0007328: [other] ini_get_number() interprets K and M suffixes incorrectly (dhx) - closed. - 0009338: [csv] CSV export does not escape all characters (dhx) - closed. - 0011299: [security] "IRC Chat" URL not correctly encoded (dhx) - closed. - 0012286: [filters] When advanced filter "Project" is set to "All Projects", sub projects are excluded (dhx) - closed. - 0012362: [tagging] When confirming Delete Tag goes to View Issues screen. (dhx) - closed. - 0012354: [html] HTML validation error (dhx) - closed. - 0003767: [custom fields] Enumeration Custum fields with html-special chars get unselected on bug-update (grangeway) - closed. - 0009663: [roadmap] Wrong underline-charcount when Project-Name contains htmlspecialchars (dhx) - closed. - 0012061: [other] Status percentage bar counts issues hidden to user (dhx) - closed. - 0012344: [administration] In manage_user_page.php changing page resets sort criteria (atrol) - closed. - 0012383: [html] Use of invalid color "brown" in CSS (atrol) - closed. - 0012474: [security] bug_report XSS issue when report_stay=1 (dhx) - closed. - 0009036: [localization] Translation fault / translation confusion (confirm_custom_field_unlinking) (siebrand) - closed. - 0010887: [localization] button names don't describe what it does very well (siebrand) - closed. - 0012363: [time tracking] billing report seems not to include enddate (dhx) - closed. - 0012471: [reports] Relationships graph doesn't cope well with custom bug id formats (dhx) - closed. - 0012500: [localization] Missing localization in extended project browser (siebrand) - closed. - 0012504: [administration] Error on email and realname fields in Edit User page accessed by username (dhx) - closed. - 0012528: [documentation] Change to INSTALL doc file (atrol) - closed. - 0012566: [documentation] Time Tracking: copy wiki note in administration_guide (giallu) - closed. - 0012607: [security] LFI/FD and XSS in the 'upgrade_unattended.php' (vboctor) - closed. - 0012360: [api soap] [PATCH] Get id of project with specified name via SOAP API (rombert) - closed. - 0012540: [api soap] mc_issue_attachment_get does not use the path for the file (rombert) - closed.