MantisBT 1.2.17 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release.
A SQL injection vulnerability (CVE-2014-2238) in adm_config_report.php was patched. Refer to issue http://www.mantisbt.org/bugs/view.php?id=17055 for detailed information.
This release also includes a few bug fixes for the tracker, including News API correction for the regression issue http://www.mantisbt.org/bugs/view.php?id=16940 introduced in 1.2.16, as well as updated translations in many languages.
A full changelog can be found at:
http://www.mantisbt.org/bugs/changelog_ ... ion_id=189
The release can be downloaded from
http://sourceforge.net/projects/mantisb ... le/1.2.17/
Global announcements, rules, administrative notes, etc.
1 post • Page 1 of 1