MantisBT 2.17.0, 2.16.1 and 1.3.16 Released

In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!

MantisBT 2.17.0

A feature release including functional improvements and bug fixes.

  • 0024616: [relationships] relationship visibility in different project permission (atrol)
  • 0024632: [tagging] Tag cannot be selected if a tag containing the text of that tag has already been selected (atrol)
  • 0024633: [bugtracker] Late error message when trying to resolve issues (atrol)
  • 0024635: [authorization] Wrong box visibility on My View page (atrol)
  • 0012677: [administration] Please change a search option to manage users (atrol)
  • 0020101: [api soap] mc_filter_search_issues can’t filter by date (community)
  • 0023336: [html] Inline image attachments should have their own container to prevent scrolling (atrol)
  • 0023915: [administration] Search for a part of (Real Name – Username – Email) (atrol)
  • 0024622: [api rest] Add function for creating a new project via REST (community)
  • 0024624: [api rest] Add function for updating a project via REST (community)
  • 0024636: [api rest] Add function to delete a project via REST API (vboctor)
  • 0024643: [ui] bug_actiongroup and custom bug_actiongroup don’t provide the same user experience when displaying error message (dregad)
  • 0024644: [ui] Footer displays behind sidebar on bug_actiongroup.php (dregad)
  • 0024696: [authorization] Custom fields can be changed without having update_bug_threshold access rights (atrol)
  • 0024717: [api soap] Add filter for the “last updated“ date in the soap api (community)
  • 0024719: [administration] Impersonate User is offered for disabled users (atrol)

MantisBT 2.16.1

Maintenance release for 2.16.x series.

  • 0024647: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)

MantisBT 1.3.16

Maintenance release for 1.3.x series.

  • 0024648: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)

Go ahead and download the release from our website.

MantisBT 2.16.0 and 2.15.1 Released

In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!

MantisBT 2.16.0

A feature release including functional improvements and bug fixes.

  • 23978: [ui] Fonts are not rendered correctly in Windows clients (atrol)
  • 23992: [ui] Font = Times News Roman after Upgrade from v2.7.0 (atrol)
  • 24416: [upgrade] need help to migrate the Mantis 1.0.8 that my current company has to the latest version of 2.14.0. (dregad)
  • 24501: [installation] MantisBT on Windows – Check for php_fileinfo.dll enabled on php.ini (atrol)
  • 24523: [performance] Unneeded information in Change Log and Roadmap (atrol)
  • 24552: [code cleanup] Code Cleanup (atrol)
  • 24553: [performance] Performance enhancement of config_get_global function (atrol)
  • 24564: [timeline] Missing display of events in Timeline if All Projects is selected (atrol)
  • 24578: [documentation] Documentation: PHP documentation link: “installation.php” -> “install.php” (dregad)
  • 24579: [documentation] Documentation: Admin Guide: Installation: Broken Link “Microsoft IIS”, is now https://docs.microsoft.com/en-us/iis (dregad)
  • 21376: [upgrade] Error in upgrade process 1.2.17 –> 1.3.0 (dregad)

MantisBT 2.15.1

Maintenance release for 2.15.x series.

  • 24580: [security] CVE-2018-13055: Reflected XSS in view filters page (dregad)
  • 24608: [security] CVE-2018-14504: XSS in edit filters page (atrol)

Go ahead and download the release from our website.

MantisBT 2.15.0 Released

In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!

MantisBT 2.15.0

A feature release including functional improvements and bug fixes.

  • 0024437: [filters] Cannot save private filter if not allowed to save shared filter (community)
  • 0024496: [wiki] URL encoding precludes reasonable wiki root_namespace values (community)
  • 0024242: [bugtracker] Incorrect issue status setting when changing status (vboctor)
  • 0024388: [api rest] Support create project versions via REST API (vboctor)
  • 0024398: [tagging] Exception Missing Class (atrol)
  • 0024432: [security] Update-Blocker:User-ID instead of Realname
  • 0024139 as due to security policy requirements which prohibit IDs in mails and masks (atrol)
  • 0024435: [filters] show_user_realname_threshold is not considered when sorting by reporter or handler (atrol)
  • 0024436: [ui] Selecting users is not easy if show_realname is set to ON (atrol)
  • 0024470: [other] System warning if $g_log_destination = 'page' when using PHP 7.2 (atrol)
  • 0024462: [api soap] Error while querying for issue header with PHP 7.2 (atrol)
  • 0024476: [performance] Unneeded <meta> tag in <head> section (atrol)
  • 0024139: [ui] $g_show_realname for making usernames private (atrol)

Go ahead and download the release from our website.

MantisBT 2.14.0, 2.13.2, and 1.13.15 Released

In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!

MantisBT 2.14.0

A feature release including functional improvements and bug fixes.

  • 0024192: [bugtracker] Update ADOdb to 5.20.12 (dregad)
  • 0024174: [code cleanup] E_DEPRECATED error on php7.2: each() function (dregad)
  • 0024196: [api rest] Update Slim Framework from 3.8.1 to 3.9.2 (vboctor)
  •  0024197: [api rest] Update GuzzleHttp from 6.3.0 to 6.3.2 (vboctor)
  • 0024220: [documentation] Wrong documentation of datetime_picker_format in Admin Guide (atrol)
  • 0024236: [code cleanup] IssueAddCommand Prevents API Folder Removal (atrol)
  • 0024325: [code cleanup] Code Cleanup (atrol)
  • 0024326: [documentation] Wrong documentation of my_view_boxes in Admin Guide (atrol)
  • 0024333: [api rest] Support getting a single project via REST API (vboctor)
  • 0024336: [administration] Plugin priority changed without being changed by user interaction (atrol)

MantisBT 2.13.2

Maintenance release for 2.13.x series.

  • 0024221: [security] CVE-2018-9839: Private issues accessible to unauthorized users using the “Clone” functionality (dregad)
  • 0024233: [markdown] Markdown quoting rendered with broken HTML (atrol)
  • 0024239: [email] Inconsistent realname display (atrol)
  • 0024335: [api rest] Get all filter or specific filter returns incorrect information (vboctor)
  • 0024343: [api rest] REST API returns too much info for default category handler (vboctor)
  • 0024346: [api rest] Don’t show category default handler for users that can’t manage the project (vboctor)
  • 0024349: [api soap] API method mc_filter_get does not work (vboctor)
  • 0024353: [code cleanup] mb_internal_encoding no longer being set because of removal utf8 library (atrol)
  • 0024355: [bugtracker] SYSTEM WARNING ‘count(): Parameter must be an array or an object that implements Countable’ in ‘IssueNoteAddCommand.php (atrol)

MantisBT 1.13.15

Security fixes for 1.3.x release series.

  • 0024365: [security] CVE-2018-9839: Private issues accessible to unauthorized users using the “Clone” functionality (dregad)

Go ahead and download the release from our website.