Changesets: MantisBT
|
master 8b23ec29 2010-09-02 18:34 Details Diff |
Add empty Developers Guide created with publican | ||
| add - docbook/Developers_Guide/en-US/Revision_History.xml | Diff File | ||
| add - docbook/Developers_Guide/publican.cfg | Diff File | ||
| add - docbook/Developers_Guide/en-US/Book_Info.xml | Diff File | ||
| add - docbook/Developers_Guide/en-US/Preface.xml | Diff File | ||
| add - docbook/Developers_Guide/en-US/Developers_Guide.ent | Diff File | ||
| add - docbook/Developers_Guide/en-US/Chapter.xml | Diff File | ||
| add - docbook/Developers_Guide/en-US/Developers_Guide.xml | Diff File | ||
| add - docbook/Developers_Guide/en-US/Author_Group.xml | Diff File | ||
|
master 2d0e00a4 2010-09-02 18:32 Details Diff |
replace "link" tag with "xref" for cross references | ||
| mod - docbook/Admin_Guide/en-US/Configuration.xml | Diff File | ||
| mod - docbook/Admin_Guide/en-US/Page_Descriptions.xml | Diff File | ||
| mod - docbook/Admin_Guide/en-US/Authentication.xml | Diff File | ||
| mod - docbook/Admin_Guide/en-US/Installation.xml | Diff File | ||
|
master c4f0d68e 2010-09-02 07:58 Details Diff |
Issue 0012312: Provide patch for NuSOAP XSS fix and update README.libs |
Affected Issues 0012312 |
|
| add - library/nusoap/0001-Fix-12312-NuSOAP-web-description-XSS-vulnerability.patch | Diff File | ||
| mod - library/README.libs | Diff File | ||
|
master-1.2.x bce955ce 2010-09-02 07:58 Details Diff |
Issue 0012312: Provide patch for NuSOAP XSS fix and update README.libs |
Affected Issues 0012312 |
|
| mod - library/README.libs | Diff File | ||
| add - library/nusoap/0001-Fix-12312-NuSOAP-web-description-XSS-vulnerability.patch | Diff File | ||
|
master edb81799 2010-09-02 07:51 Details Diff |
Fix 0012312: NuSOAP web description XSS vulnerability Bogdan Calin from Acunetix discovered a number of XSS vulnerabilities in NuSOAP 0.9.5 (bundled with MantisBT) relating to improperly escaped URLs. A sample exploit URL is: /api/soap/mantisconnect.php?1<ScRiPt>prompt(923395)</ScRiPt> The upstream report for these XSS flaws in NuSOAP is located at the following URL: http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005 This patch provides an interim fix for MantisBT users until upstream makes a new release. |
Affected Issues 0012312 |
|
| mod - library/nusoap/nusoap.php | Diff File | ||
| mod - library/nusoap/class.wsdl.php | Diff File | ||
|
master-1.2.x 6b2e7153 2010-09-02 07:51 Details Diff |
Fix 0012312: NuSOAP web description XSS vulnerability Bogdan Calin from Acunetix discovered a number of XSS vulnerabilities in NuSOAP 0.9.5 (bundled with MantisBT) relating to improperly escaped URLs. A sample exploit URL is: /api/soap/mantisconnect.php?1<ScRiPt>prompt(923395)</ScRiPt> The upstream report for these XSS flaws in NuSOAP is located at the following URL: http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005 This patch provides an interim fix for MantisBT users until upstream makes a new release. |
Affected Issues 0012312 |
|
| mod - library/nusoap/nusoap.php | Diff File | ||
| mod - library/nusoap/class.wsdl.php | Diff File | ||
|
master-1.2.x 085097fc 2010-09-02 04:33 Committer: dhx Details Diff |
Fix 0012309: XSS issues when viewing Summary page Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0012309 |
|
| mod - core/summary_api.php | Diff File | ||
|
master 61e90d06 2010-09-02 04:33 Committer: dhx Details Diff |
Fix 0012309: XSS issues when viewing Summary page Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0012309 |
|
| mod - core/summary_api.php | Diff File | ||
|
master 41075e5a 2010-09-01 15:48 Details Diff |
Fix Issue 0012314 Plugin filter rows are broken when more than one row of plugin filters are used. |
Affected Issues 0012314 |
|
| mod - core/filter_api.php | Diff File | ||
|
master-1.2.x 2de04c7f 2010-09-01 15:48 Details Diff |
Fix Issue 0012314 Plugin filter rows are broken when more than one row of plugin filters are used. |
Affected Issues 0012314 |
|
| mod - core/filter_api.php | Diff File | ||
|
master-1.2.x dd5810ec 2010-08-29 14:08 Details Diff |
Localisation updates from http://translatewiki.net | ||
| mod - lang/strings_ripoarisch.txt | Diff File | ||
| mod - lang/strings_norwegian_bokmal.txt | Diff File | ||
| mod - lang/strings_ukrainian.txt | Diff File | ||
| mod - lang/strings_urdu.txt | Diff File | ||
| mod - lang/strings_german.txt | Diff File | ||
| mod - lang/strings_romanian.txt | Diff File | ||
| mod - lang/strings_slovene.txt | Diff File | ||
| mod - lang/strings_serbian.txt | Diff File | ||
| mod - lang/strings_dutch.txt | Diff File | ||
| mod - lang/strings_macedonian.txt | Diff File | ||
| mod - lang/strings_chinese_traditional.txt | Diff File | ||
| mod - lang/strings_occitan.txt | Diff File | ||
|
master b729d5de 2010-08-27 14:46 Details Diff |
Fix incorrectly named form. | ||
| mod - manage_columns_inc.php | Diff File | ||
|
master b30ca3b9 2010-08-27 14:25 Details Diff |
Fix 0012304 - If plugins set a params value for plugin filters the values are dropped. |
Affected Issues 0012304 |
|
| mod - core/filter_api.php | Diff File | ||
|
master-1.2.x 9d56dad2 2010-08-27 14:25 Details Diff |
Fix 0012304 - If plugins set a params value for plugin filters the values are dropped. |
Affected Issues 0012304 |
|
| mod - core/filter_api.php | Diff File | ||
|
master 7ec1d497 2010-08-27 13:00 Details Diff |
Issue 0011826 - Remove all inline JavaScript from MantisBT (use external scripts instead) Issue 0011995 - Add CSS IDs to html elements for styling and javascript access. |
Affected Issues 0011826, 0011995 |
|
| mod - css/default.css | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - javascript/dev/common.js | Diff File | ||
| mod - javascript/common.js | Diff File | ||
|
master 02aac88d 2010-08-27 03:07 Details Diff |
Fix 0012300 - Logout button hidden behind issue # box |
Affected Issues 0012300 |
|
| mod - css/default.css | Diff File | ||
| mod - core/html_api.php | Diff File | ||
|
master 47d77d67 2010-08-26 12:12 Details Diff |
Hide generic preface stuff for now | ||
| mod - docbook/Admin_Guide/en-US/Admin_Guide.xml | Diff File | ||
|
master 839f1d68 2010-08-25 15:50 Details Diff |
Fix 0006626 - Add text area custom field type. Add column to handle long text input. If the custom field type is TEXTAREA values are inserted into the text field. Otherwise they are inserted into the existing value field. Filters for TEXTAREA custom fields are not populated with existing data. A text box is provided and a LIKE query is performed. |
Affected Issues 0006626 |
|
| mod - lang/strings_english.txt | Diff File | ||
| mod - core/cfdefs/cfdef_standard.php | Diff File | ||
| mod - core/custom_field_api.php | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - admin/schema.php | Diff File | ||
| mod - config_defaults_inc.php | Diff File | ||
| mod - core/constant_inc.php | Diff File | ||
|
master 6b5e037c 2010-08-25 01:31 Details Diff |
Bug 0011826, Bug 0011995, Fix invalid html in the view all bug filter. Add divs, classes and id's where necessary to facilitate moving style elements into css and inline javascript into javascript files. |
Affected Issues 0011826, 0011995 |
|
| mod - css/default.css | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - javascript/dev/common.js | Diff File | ||
| mod - javascript/common.js | Diff File | ||
|
master 99a9d104 2010-08-25 01:19 Details Diff |
remove border. It is not a valid tr attribute. | ||
| mod - view_all_inc.php | Diff File | ||
|
master c0d22392 2010-08-25 01:18 Details Diff |
Move styles for recently-visited into css. remove html style elements. | ||
| mod - css/default.css | Diff File | ||
| mod - core/print_api.php | Diff File | ||
|
master e087425c 2010-08-25 01:10 Details Diff |
Bug 0011826 - Remove inline javascript for bug-jump field and put it in common.js. Add css styles for bug-jump. |
Affected Issues 0011826 |
|
| mod - css/default.css | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - javascript/dev/common.js | Diff File | ||
| mod - javascript/common.js | Diff File | ||
|
master 60836667 2010-08-25 00:56 Details Diff |
Add missing closing tags. | ||
| mod - core/html_api.php | Diff File | ||
|
master 94c2e872 2010-08-25 00:56 Details Diff |
Use class rather than id for the menu links. They may appear more than once on the page. |
||
| mod - core/html_api.php | Diff File | ||
|
master 5dec982e 2010-08-25 00:54 Details Diff |
Remove extra \". | ||
| mod - core/collapse_api.php | Diff File | ||
