MantisBT: master-1.2.x 5f0b150b

Author: Paul Richards
Committer: dregad
Branch: master-1.2.x
Timestamp: 2014-10-30 15:00
Parent: master-1.2.x 49c3d089
Affected Issues  0017742: CVE-2014-8988: Attachments can be downloaded without permission
Changeset

Incorrect access check on attachment downloads

Even if config variables $g_download_attachments_threshold and
$g_view_attachments_threshold are set to 55 (developer), users with
lower privileges can download attachments.

Fixes 0017742

Signed-off-by: Damien Regad <dregad@mantisbt.org>

mod - core/file_api.php