From: Victor Boctor <victor@fu...> - 2005-10-11 12:46:44
Mantis now has two packages in SourceForge, mantis-dev and mantis-stable.
The latest releases in these packages are 1.0.0rc2 and 0.19.3. All users
who were monitoring the original Mantis package (for new releases) are now
monitoring mantis-dev. I would encourage all of you to monitor the
mantis-stable package in order to get the notification when Mantis 1.0.0 is
You can also subscribe to Mantis blog at:
Mantis 0.19.3 is a maintenance release that mainly contains security fixes.
All 0.19.x users are advised to upgrade to this version.
- 0006331: [security] Port #5247 to 0.19.3: Real email addresses are visible
when using reminders (vboctor)
- 0006333: [security] Port #5959 to 0.19.3: Cross Site Scripting
Vulnerabilty in the mantis/view_all_set.php Script (vboctor)
- 0006335: [security] Port #6273 to 0.19.3: File Inclusion Vulnerability
- 0006336: [security] Port #6275 to 0.19.3: SQL injection (vboctor)
- 0006334: [security] Port #6097 to 0.19.3: user ID is cached indefinitely
- 0006330: [bugtracker] System warning in login_page.php when no new