From: Victor B. <vi...@fu...> - 2004-05-12 12:22:33
|
Mantis Users, Mantis 0.18.3 is mainly a maintenance release to 0.18.2 release. The main reason for this release is to fix a couple of security issues, however, we have put in some other bug fixes and the re-implement csv export feature. We recommend for all Mantis users to upgrade to 0.18.3 due to the security issues. For more information about the security vulnerabilities see the secuirty advisory at: http://manual.mantisbt.org/manual.appendix.security.2004-01.various.vuln erabilities.in.mantis.php 2004.05.12 - 0.18.3 * Sec #3660: Ability to execute arbitrary SQL statement if register_globals = ON. * Sec #3661: A logged in user can download any bug attachment or project document. * Enh #3262: CSV export does not export the category column. * Enh #3264: CSV export should export the resolution. * Enh #3287: Projectname on CSV export. * Enh #3346: CSV extract should output more data, e.g., Date submitted, other data that would allow better analysis of data trends. * Fix #3259: Saving CSV file of bugs containning double quotes causes invalid csv. * Fix #3635: status_resolved in email_api should be resolved. * Fix #3646: Error in core/obsolete.php. * Fix #3691: Parse error in Romanian localisation. * Fix #3728: CSV export shows " instead of real quotes in bug title. * Fix #3795: Resolve should not overwrite handler, if already set. * Fix #0000: Re-generated the FAQ and fixed the hyperlinks (the contents of the FAQ may not be up to date) Regards, Mantis Group |