MantisBT: master 50237338

Author: Paul Richards
Committer: dregad
Branch: master
Timestamp: 2014-10-30 15:00
Parent: master 1a49a780
Affected Issues  0017742: CVE-2014-8988: Attachments can be downloaded without permission
Changeset

Incorrect access check on attachment downloads

Even if config variables $g_download_attachments_threshold and
$g_view_attachments_threshold are set to 55 (developer), users with
lower privileges can download attachments.

Fixes 0017742

Signed-off-by: Damien Regad <dregad@mantisbt.org>

mod - core/file_api.php