MantisBT 1.2.4 Released

Global announcements, rules, administrative notes, etc.

Moderators: Developer, Contributor

Post Reply
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

MantisBT 1.2.4 Released

Post by atrol »

MantisBT 1.2.4 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised to
upgrade to this release.

Gjoko Krstic of Zero Science Lab reported multiple vulnerabilities in the
admin/upgrade_unattended.php script. Issue #12607 provides more detail on the
vulnerabilities discovered. We thank Gjoko for his detailed assistance with
testing, patching and answering questions. Please note that the /admin/
directory should be removed from all MantisBT installations after the
installation or upgrade has been completed. This is particularly true for
MantisBT installations accessible over the Internet.

Also included with 1.2.4 are some bug fixes relating to fonts in the
MantisGraph plugin, SOAP API, CSV export, custom field values, relationship
graphs, fields on the manage user page, built-in time tracking and the
allow_reporter_close feature. This release includes updated translations for
many languages and improved installation documentation in doc/INSTALL.

A full changelog for the 1.2.x series can be found on the official site:
http://www.mantisbt.org/bugs/changelog_ ... ion_id=112

The release is available for download at:
http://www.mantisbt.org/download.php
Please use Search before posting and read the Manual
Post Reply