Search Changesets

MantisBT: master-2.22 14cd147d

2019-09-22 06:20:01

dregad

Details Diff
Replace maxcdn by stackpath in CSP headers
Attach Issues:
mod - core/http_api.php Diff File

MantisBT: master-1.3.x 040b81dc

2019-09-22 05:13:41

dregad

Details Diff
Travis: ignore errors caused by 'apt-get update'
Attach Issues:
mod - scripts/travis_before_script.sh Diff File

MantisBT: master eb8494d8

2019-09-22 04:21:40

dregad

Details Diff
Merge branch 'master-2.22'
Attach Issues:
mod - core/constant_inc.php Diff File
mod - core/layout_api.php Diff File
rm - js/bootstrap-3.4.0.min.js Diff File
add - js/bootstrap-3.4.1.min.js Diff File

MantisBT: master 4c52fa00

2019-09-22 00:21:21

cproensa

Details Diff
Use max length property of custom field in inputs

When a string, or text, type custom field has a max length defined, we
should use that for the rendered input in the form, to limit the width
of the input.

Fixes: 0026141
Affected Issues
0026141
mod - core/cfdefs/cfdef_standard.php Diff File

MantisBT: master 20e2e5fd

2019-09-21 20:44:11

dregad

Details Diff
Remove unused variable
Attach Issues:
mod - core/html_api.php Diff File

MantisBT: master c5b85055

2019-09-21 20:38:40

dregad

Details Diff
Remove unused language string

Follow-up on ea3c13cc573b68bc715c069ad354091881f86f01, that string was
missed.
Attach Issues:
mod - plugins/MantisGraph/lang/strings_eo.txt Diff File

MantisBT: master 1436e536

2019-09-21 20:21:09

cproensa

Details Diff
Clean up duplicated query call

Move the call to `file_get_visible_attachments()` outside of the loop,
to avoid duplicated database queries.

Fixes: 0026167
Affected Issues
0026167
mod - api/soap/mc_issue_api.php Diff File

MantisBT: master 668a9b1e

2019-09-21 20:17:21

cproensa

Details Diff
Cache custom fields in mc_issue_api

Preload custom field data into cache to avoid repeated database queries.

Fixes: 0026166
Affected Issues
0026166
mod - api/soap/mc_issue_api.php Diff File

MantisBT: master fa538d1d

2019-09-21 12:14:53

dregad

Details Diff
Merge branch 'master-2.22'
Attach Issues:
mod - config_defaults_inc.php Diff File
mod - core/graphviz_api.php Diff File

MantisBT: master-1.3.x 7092573f

2019-09-21 12:10:24

dregad

Details Diff
Prevent arbitrary shell command execution

Prior to this, Administrators were able to edit 'dot_tool' and
'neato_tool' config options from the Manage Configuration Page

These can now only be set in the config_inc.php file.

Fixes 0026162, CVE-2019-15715

Backported from fc7668c8e45db55fc3a4b991ea99d2b80861a14c.
Affected Issues
0026162
mod - config_defaults_inc.php Diff File

MantisBT: master 5fb97960

2019-09-21 12:02:59

dregad

Details Diff
Escape GraphViz command before calling proc_open()

Fixes 0026091, CVE-2019-15715
Affected Issues
0026091
mod - core/graphviz_api.php Diff File

MantisBT: master-1.3.x cebfb9ac

2019-09-21 12:02:59

dregad

Details Diff
Escape GraphViz command before calling proc_open()

Fixes 0026162, CVE-2019-15715

(cherry picked from commit 5fb979604d88c630343b3eaf2b435cd41918c501)
Affected Issues
0026162
mod - core/graphviz_api.php Diff File

MantisBT: master 72ff745b

2019-09-20 11:04:53

dregad

Details Diff
Change Bootstrap & FontAwesome CDN

According to the official download pages, these libraries switched from
Max CDN to StackPath (as the latter bought the former).
Attach Issues:
mod - core/layout_api.php Diff File

MantisBT: master 1e2a3018

2019-09-20 11:00:03

dregad

Details Diff
Update Bootstrap to 3.4.1

Original css files were modified to remove the # on the source map file.
This prevents warnings in the browser console.

Fixes 0026160, CVE-2019-8331
Affected Issues
0026160
mod - core/constant_inc.php Diff File
rm - js/bootstrap-3.4.0.min.js Diff File
add - js/bootstrap-3.4.1.min.js Diff File

MantisBT: master f3b4e39b

2019-09-16 12:57:44

translatewiki.net

Details Diff
Localisation updates from https://translatewiki.net.
Attach Issues:
mod - lang/strings_persian.txt Diff File
mod - lang/strings_zazaki.txt Diff File
mod - plugins/MantisCoreFormatting/lang/strings_zazaki.txt Diff File

MantisBT: master aa429d33

2019-09-16 03:59:08

dregad

Details Diff
Also display "monitors" section if issue not monitored

The "Users monitoring this issue" section was only displayed when there
is at least one user monitoring the issue.

Includes fixes to PR review comments by @vboctor
- Fix check of force_readonly option
- "Belt & braces" when processing list of monitoring users

Fixes 0026125
Affected Issues
0026125
mod - bug_view_inc.php Diff File
mod - core/commands/IssueViewPageCommand.php Diff File

MantisBT: master d7ae5dd8

2019-09-14 11:29:02

dregad

Details Diff
Remove unused variables
Attach Issues:
mod - plugins/MantisGraph/MantisGraph.php Diff File

MantisBT: master 25110fd3

2019-09-13 17:11:30

dregad

Details Diff
Convert redirect_delay column back to integer

Follow-up fix for user_pref.redirect_delay, which was incorrectly
set to boolean in check_pgsql_bool_columns() before MantisBT 2.23.0,
so we need to check its type and convert it back to integer if needed.

Fixes 0026109
Affected Issues
0026109
mod - admin/install.php Diff File
mod - core/install_helper_functions_api.php Diff File

MantisBT: master b215c4d5

2019-09-13 17:04:22

dregad

Details Diff
Check DB type before calling check_pgsql_bool_columns()
Attach Issues:
mod - admin/install.php Diff File

MantisBT: master c7f87915

2019-09-13 17:03:42

dregad

Details Diff
Fix PHP Warning if check_pgsql_bool_columns() fails

If SQL to retrieve column data in information_schema fails, the function
returns a string. This string is then used in a foreach loop, triggering
a warning.
Attach Issues:
mod - admin/install.php Diff File

MantisBT: master c73fd8b0

2019-09-12 19:11:13

dregad

Details Diff
Only display time spent if time tracking is enabled

Fixes 0026134
Affected Issues
0026134
mod - bugnote_view_inc.php Diff File

MantisBT: master c57ccb2b

2019-09-12 18:38:11

dregad

Details Diff
Add missing column from group by clause

This causes an error when retrieving time tracking information on View
Issue Details page, on MySQL when ONLY_FULL_GROUP_BY is enabled (default
since 5.7).

Fixes 0026132
Affected Issues
0026132
mod - core/bugnote_api.php Diff File

MantisBT: master 9d840d2b

2019-09-12 12:47:03

dregad

Details Diff
Add file with default value 'null' for user id

This ensures that the file attachment is added with a reference to the
current user.

Regression introduced by 255dfdf261c42adb76c4f3b6a157186afe999f9b,
caused attachments uploaded together with the issue's submission to be
linked to user '0' instead of the reporter.

Fixes 0026128
Affected Issues
0026128
mod - core/file_api.php Diff File

MantisBT: master 7acc1d26

2019-09-12 10:04:36

translatewiki.net

Details Diff
Localisation updates from https://translatewiki.net.
Attach Issues:
mod - lang/strings_italian.txt Diff File
mod - lang/strings_japanese.txt Diff File
add - plugins/Gravatar/lang/strings_en-gb.txt Diff File

MantisBT: master 0785615c

2019-09-11 07:16:30

dregad

Details Diff
IssueViewPageCommand: regroup monitor flags
Attach Issues:
mod - core/commands/IssueViewPageCommand.php Diff File
 First  Prev  1 2 3 4 5 ... 70 ... 140 ... 210 ... 280 ... 350 ... 420 ... 490 ... 560 ... 630 ... 658 659 660  Next  Last