{"id":647,"date":"2019-09-27T06:48:50","date_gmt":"2019-09-27T06:48:50","guid":{"rendered":"http:\/\/mantisbt.org\/blog\/?p=647"},"modified":"2019-09-27T06:48:50","modified_gmt":"2019-09-27T06:48:50","slug":"mantisbt-2-22-1-and-1-3-20-released","status":"publish","type":"post","link":"https:\/\/mantisbt.org\/blog\/archives\/mantisbt\/647","title":{"rendered":"MantisBT 2.22.1 and 1.3.20 released"},"content":{"rendered":"\n<p>In order to stay up to date with the latest MantisBT news, please star our <a href=\"https:\/\/github.com\/mantisbt\/mantisbt\" target=\"_blank\" rel=\"noreferrer noopener\">GitHub repository<\/a>, join our <a href=\"https:\/\/app.gitter.im\/#\/room\/#mantisbt_mantisbt:gitter.im\" target=\"_blank\" rel=\"noreferrer noopener\">Gitter channel<\/a>, or <a href=\"https:\/\/twitter.com\/mantisbt\" target=\"_blank\" rel=\"noreferrer noopener\">follow us on X<\/a> or <a href=\"https:\/\/phpc.social\/@mantisbt\">Mastodon<\/a> and retweet to spread the word!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">MantisBT 2.22.1<\/h2>\n\n\n\n<p>Security release for 2.22.x series. All installations are strongly advised to upgrade as soon as possible.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/mantisbt.org\/bugs\/view.php?id=26091\">0026091<\/a>: <strong>[security]<\/strong>  CVE-2019-15715: [Admin Required &#8211; Post Authentication] Command Execution \/ Injection Vulnerability (<a href=\"https:\/\/mantisbt.org\/bugs\/view_user_page.php?id=11111\">atrol<\/a>)<\/li><li><a href=\"https:\/\/mantisbt.org\/bugs\/view.php?id=26110\">0026110<\/a>: <strong>[administration]<\/strong>  [Show content] for Complex Configuration option doesn&#8217;t work when mod_rewrite is disabled (<a href=\"https:\/\/mantisbt.org\/bugs\/view_user_page.php?id=17784\">dregad<\/a>)<\/li><li><a href=\"https:\/\/mantisbt.org\/bugs\/view.php?id=26160\">0026160<\/a>: <strong>[security]<\/strong>  Update bundled Bootstrap to 3.4.1 (CVE-2019-8331) (<a href=\"https:\/\/mantisbt.org\/bugs\/view_user_page.php?id=17784\">dregad<\/a>)<\/li><li><a href=\"https:\/\/mantisbt.org\/bugs\/view.php?id=26168\">0026168<\/a>: <strong>[security]<\/strong>  Enable integrity hashes for CSS ressources from CDNs (<a href=\"https:\/\/mantisbt.org\/bugs\/view_user_page.php?id=17784\">dregad<\/a>) <\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">MantisBT 1.3.20<\/h2>\n\n\n\n<p>Security release for 1.3.x series. All installations are strongly advised to upgrade as soon as possible.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/mantisbt.org\/bugs\/view.php?id=26162\">0026162<\/a>: <strong>[security]<\/strong>  CVE-2019-15715: Command Execution \/ Injection Vulnerability (<a href=\"https:\/\/mantisbt.org\/bugs\/view_user_page.php?id=17784\">dregad<\/a>)<\/li><\/ul>\n\n\n\n<p>Go ahead and&nbsp;<a href=\"https:\/\/mantisbt.org\/download.php\">download<\/a>&nbsp;the release from our website.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>MantisBT 2.22.1 Security release for 2.22.x series. All installations are strongly advised to upgrade as soon as possible. 0026091: [security] CVE-2019-15715: [Admin Required &#8211; Post Authentication] Command Execution \/ Injection Vulnerability (atrol) 0026110: [administration] [Show content] for Complex Configuration option doesn&#8217;t work when mod_rewrite is disabled (dregad) 0026160: [security] Update bundled Bootstrap to 3.4.1 (CVE-2019-8331) &hellip; <a href=\"https:\/\/mantisbt.org\/blog\/archives\/mantisbt\/647\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;MantisBT 2.22.1 and 1.3.20 released&#8221;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6],"class_list":["post-647","post","type-post","status-publish","format-standard","hentry","category-mantisbt","tag-release"],"_links":{"self":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/comments?post=647"}],"version-history":[{"count":1,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/647\/revisions"}],"predecessor-version":[{"id":648,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/647\/revisions\/648"}],"wp:attachment":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/media?parent=647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/categories?post=647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/tags?post=647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}