MantisBT 2.12.0 released

A feature release including functional improvements and bug fixes.

  • 0010493: [code cleanup] Non-existent duplicate_realname column is updated by various functions in user_api.php (vboctor)
  • 0022509: [mentions] users with dashes in their name will not work when @mentioned (example @r-frank) (community)
  • 0023375: [mentions] It is hard to @ mention users when show realnames is enabled (vboctor)
  • 0023960: [plug-ins] EVENT_AUTH_USER_FLAGS should always be passed username rather than name (vboctor)
  • 0023961: [timeline] Identify Timeline tags operations with a specific icon (dregad)
  • 0023966: [code cleanup] Option session_handler not implemented (atrol)
  • 0023969: [performance] Minor performance and code enhancements of config functions (atrol)
  • 0024020: [localization] Update supported languages (siebrand)
  • 0024043: [ldap] $g_ldap_realname_field generates WARNING: field ‘givenName’ does not exist. (community)
  • 0023909: [administration] User realname uniqueness check doesn’t work (vboctor)

Starting with MantisBT 2.13.0 the PHP mbstring extension is mandatory. Ensure that it is enabled on your server, or ask your provider if you are not the administrator of the server.

In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!

Go ahead and download the release from our website.

MantisBT 2.11.0, 2.10.1, and 1.3.14 released

MantisBT 2.11.0

Feature release

  • 23754: [code cleanup] Code cleanup (atrol)
  • 23876: [installation] Running admin/check fails (dregad)
  • 23900: [administration] Unable to update user access level, due to check on ‘Realname’ returning KO (APPLICATION ERROR #807) (vboctor)
  • 23776: [attachments] Support adding attachments that were not uploaded via the browser (vboctor)
  • 23899: [api rest] Relationship type was localized in GET issue API (vboctor)
  • 23706: [administration] trigger_error() with errors must terminate scripts rather than being config based (vboctor)
  • 23714: [api rest] Failing REST API requests should include Mantis error code and localized message (vboctor)
  • 23762: [api rest] Support adding users to monitor an issue via REST API (vboctor)
  • 23772: [api rest] Support attachments when adding notes via REST API (vboctor)
  • 23773: [api rest] Support time tracking when adding notes via REST API (vboctor)
  • 23780: [api rest] Return status code 429 when hitting spam check limits (vboctor)
  • 23784: [api rest] REST and SOAP API send two email notifications for mentioned users (vboctor)
  • 23785: [api rest] Adding notes via SOAP and REST API with time tracking uses incorrect access check (vboctor)
  • 23786: [code cleanup] Implement IssueNoteDeleteCommand for deleting notes (vboctor)
  • 23787: [administration] Protected admin users can’t be unprotected (atrol)
  • 23830: [security] Update PHPMailer to 5.2.26 (dregad)
  • 11327: [reports] “Developer By Resolution” is the only box in the Summary page not ordered (at least it doesn’t seem to be any logic behind it) (dregad)
  • 12978: [code cleanup] Summary – Time Stats For Resolved Issues (days) (dregad)
  • 22792: [api rest] Support downloading issue attachments (vboctor)
  • 23627: [feature] Summary page enhancement with bugs ratio support (dregad)
  • 23758: [ui] Allow users to select font family that fits them best (syncguru)
  • 23774: [code cleanup] Implement IssueNoteAddCommand to share code for adding notes (vboctor)
  • 23796: [reports] Filter links for resolved/closed custom statuses in Summary By Status report are incorrect (dregad)
  • 23828: [api rest] Support adding attachments to existing issues via REST API (vboctor)
  • 23837: [code cleanup] Implement UserCreateCommand to create users (vboctor)
  • 23838: [api rest] Create user via REST API (vboctor)
  • 23839: [code cleanup] Implement UserDeleteCommand for deleting users (vboctor)
  • 23840: [api rest] Delete user via REST API (vboctor)
  • 23854: [reports] Summary: always show the “By Project” box (dregad)
  • 23855: [code cleanup] Implement TagAttachCommand for attaching tags (vboctor)
  • 23856: [code cleanup] Implement TagDetachCommand to detach tags (vboctor)
  • 23857: [api rest] Add REST API to attach a tag (vboctor)
  • 23858: [api rest] Add REST API to detach a tag (vboctor)
  • 23863: [reports] Summary: Reporter and Developer by Resolution miss a Total column (dregad)
  • 23865: [code cleanup] Implement IssueRelationshipAddCommand to add relationships (vboctor)
  • 23866: [api rest] Support adding relationships via REST API (vboctor)
  • 23867: [code cleanup] Implement IssueRelationshipDeleteCommand (vboctor)
  • 23868: [api rest] Support deleting issue relationships via REST API (vboctor)
  • 23898: [api rest] Some relationships are not formatted correctly in GET issue rest API (vboctor)
  • 23775: [attachments] Remove obsolete code that checks if PHP file info API is defined (vboctor)
  • 23926: [ui] Footer displayed under sidebar on error page when $g_show_detailed_errors = ON (dregad)
  • 23925: [security] Site path leakage in error handler (vboctor)
  • 23930: [installation] Make Fileinfo a mandatory PHP extension (atrol)
  • 23944: [bugtracker] The stack trace on detailed error page should not include the error handler itself (dregad)
  • 23942: [bugtracker] Remove deprecated “errcontext” parameter from standard error handler (dregad)
  • 23943: [bugtracker] Improve detailed error page layout (dregad)

MantisBT 2.10.1

Maintenance release for 2.10.x series

  • 23746: [api soap] unable to create a bug with customfields via SOAP (vboctor)
  • 23765: [api rest] Wrong constructor name in class FilterConverter (atrol)
  • 23924: [relationships] Resolving as duplicate does not add reporter and handler to monitoring list of duplicate issue (atrol)
  • 23906: [security] CVE-2018-6403: XSS in adm_config_report.php ‘value’ parameter (dregad)

MantisBT 1.3.14

Maintenance release for 1.3.x series

  • 23918: [security] CVE-2018-6403: XSS in adm_config_report.php ‘value’ parameter (dregad)

Go ahead and download the release from our website.

A new home for

Today, our good old web server fluffy took a well-deserved retirement, after almost 8 years of service.

The new server has been nicknamed baygon, because – just like Johnny Rico – we like our bugs dead 😉 .

It features much more powerful hardware, with twice the CPU capacity and four times more RAM. The system has been re-installed from scratch with the latest Ubuntu LTS version, recent releases of all the excellent open-source software we rely on to operate the site, and an optimized configuration.

Please let us know if you experience any errors or problems with the new site.

MantisBT 2.10.0 and 2.9.1 released

MantisBT 2.10.0

A feature release including functional improvements and bug fixes.

  • 22789: [api rest] Support retrieving user defined filters (vboctor)
  • 22790: [api rest] Support standard filters defined by the system when retrieving issues (vboctor)
  • 23690: [api rest] Support deleting filters (vboctor)
  • 23710: [code cleanup] Remove usage of deprecated function __autoload (vboctor)
  • 09007: [time tracking] Billing summary does not include sub-projects (community)
  • 23722: [time tracking] Don’t print time tracking buttons and export links (community)
  • 23723: [time tracking] Support configurable default billing rate (community)
  •  23724: [time tracking] Removed useless collapse icon with duplicated title in billing report (community)
  • 23679: [administration] Limit change of impersonation threshold to global config (atrol)
  • 23742: [html] Broken url for MantisBT logo in admin section (community)
  • 23753: [ui] UI of Update Product Build page broken (atrol)

MantisBT 2.9.1

Maintenance release for 2.9.x series

  • 23719: [administration] The reporter can not solve or close the issue (vboctor)
  • 21393: [administration] When disable “Update an issue”, then “Assign to” become access deined. (vboctor)
  • 22093: [administration] Reporter can’t change status of a bug (vboctor)
  • 23721: [bugtracker] PHP error in change status page when user doesn’t have access to private notes (vboctor)

Go ahead and download the release from our website.