Tag: release

MantisBT 2.28.3 released

This is a hotfix release, addressing a regression in the reauthentication flow introduced in 2.28.2. Please refer to the Change Log for complete details.

Thanks to Dominik Pesch for reporting the issue and providing a patch to fix it.

All installations are advised to upgrade as soon as possible.

Go ahead and download the release from our website.

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X or Mastodon and retweet to spread the word!

MantisBT 2.28.2 released

This is an important security release, addressing over 15 vulnerabilities. It also fixes a few bugs and regression issues, and improves PHP 8.5 compatibility.

Please refer to the Change Log for complete details.

We would like to thank the researchers who identified, responsibly disclosed and helped us fix the security issues: Vishal Shukla (ninjasec), Dracosec Research Limited, Nozomu Sasaki (morimori-dev) and Tang Cheuk Hei (siunam).

All installations are advised to upgrade as soon as possible.

Go ahead and download the release from our website.

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X or Mastodon and retweet to spread the word!

MantisBT 2.28.1 Released

Security release addressing:

  • A critical vulnerability affecting the SOAP API on MySQL (CVE-2026-30849);
  • Two HTML injection / XSS issues with tag names (CVE-2026-33517 and CVE-2026-33548).

Many thanks to Alexander Philiotis of SynerComm and Vishal Shukla for discovering and responsibly reporting the issues.

A few regression issues introduced in 2.28.0 have been fixed as well. Please refer to the Change Log for complete details.

All installations are advised to upgrade as soon as possible.

Go ahead and download the release from our website.

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X or Mastodon and retweet to spread the word!

MantisBT 2.28.0 Released

This long-awaited release includes nearly 80 enhancements and bug fixes. Here are a few highlights among the many changes, please refer to the Change Log for complete details.

  • Compatibility with PHP 8.4 and 8.5
  • Improved documentation, including an OpenAPI Description for the REST API.
  • Better Tags management
  • Restored included pages functionality (top/bottom_include_page options and triggering of EVENT_LAYOUT_PAGE_HEADER)

Special thanks to Nikolay Raspopov for his significant contribution to this release.

All installations are advised to upgrade as soon as possible.

Go ahead and download the release from our website.

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X or Mastodon and retweet to spread the word!

MantisBT 2.27.3 Released

Hotfix release addressing a couple of regression issues affecting Admin Checks introduced by 2.27.2. Please refer to the Change Log for details.

All installations are advised to upgrade as soon as possible.

Go ahead and download the release from our website.

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X or Mastodon and retweet to spread the word!