diff options
author | adrianp <adrianp@pkgsrc.org> | 2008-11-02 17:25:18 +0000 |
---|---|---|
committer | adrianp <adrianp@pkgsrc.org> | 2008-11-02 17:25:18 +0000 |
commit | 8c504e4bef16c5c49a6af2638c35b91dbca494c9 (patch) | |
tree | 63509c9e90e7c4b328d530d212a6f0d0eb7e4e4e /devel/mantis | |
parent | 7190003b56958a5bbb99bb86b7c524c9ea4f3b0a (diff) | |
download | pkgsrc-8c504e4bef16c5c49a6af2638c35b91dbca494c9.tar.gz |
Update to 1.1.4
2008.10.18 - 1.1.4
===================================
We had to withdraw 1.1.3 because of a serious flaw affecting the bug_report*
pages. This new release fixes that problem and a newly discovered security issue
.
- 0009704: [security] Remote Code Execution in manage_proj_page.php (giallu) - r
esolved.
- 0009691: [bugtracker] Failed to report issue.(Always APPLICATION ERROR #2800)
(jreese) - resolved.
- 0009690: [other] Wrong parameter count for session_set_cookie_params() (jreese
) - resolved.
- 0009693: [webpage] Generated HTML contains multiple hostnames when proxied (jr
eese) - resolved.
2008.10.09 - 1.1.3
===================================
In this release we fixed a couple of nasty bugs sneaked into 1.1.2, where sendin
g bugnotes email notifications would fail and browser caching was not functional
.
We also refined the implementation of form security tokens and closed a couple o
f security issues, an information disclosure (with no CVE) and a session hijacki
ng (CVE-2008-3102).
- 0009321: [security] Users can get title and status of issues that they don't h
ave access to. (vboctor) - resolved.
- 0009533: [security] Mantis should use secure sessions on https connections (jr
eese) - resolved.
- 0009286: [administration] stray "2" in manage_user_prune.php (vboctor) - resol
ved.
- 0009664: [authentication] Logout without unsetting session cookie (jreese) - r
esolved.
- 0009323: [bugtracker] Browser caching broken since 1.1.2 (jreese) - resolved.
- 0009470: [bugtracker] Tags filter not filling into text field when selecting f
rom list using Internet Explorer (jreese) - resolved.
- 0009493: [custom fields] Removing custom fields from project causes applicatio
n error 2800 (giallu) - resolved.
- 0009309: [email] Problems with e-mail notifications about bugnotes [PATCH] (gi
allu) - resolved.
- 0004678: [filters] Filter combos don't fill up on if switched to 'All Projects
' - closed.
- 0009430: [graphs] bug_graph_bystatus shows heading by_category (thraxisp) - re
solved.
- 0009431: [localization] no localization for usage of open, resolved, closed in
bug_graph_bystatus.php (thraxisp) - resolved.
- 0008882: [other] Gravatar causes annoying security popups on IE when using Man
tis over HTTPS/SSL (jreese) - resolved.
- 0009361: [other] php session fail created cause mantis app error. (jreese) - r
esolved.
- 0009560: [other] Wrong behaviour in Session API (session_save_path error messa
ge) (jreese) - resolved.
- 0009672: [other] Fixing form error by going back fails because of security tok
en (jreese) - resolved.
- 0009343: [scripting] form security token prevents changing relationship while
resolving bug (jreese) - resolved.
Diffstat (limited to 'devel/mantis')
-rw-r--r-- | devel/mantis/Makefile | 4 | ||||
-rw-r--r-- | devel/mantis/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/devel/mantis/Makefile b/devel/mantis/Makefile index ed699beca1a..243075cf544 100644 --- a/devel/mantis/Makefile +++ b/devel/mantis/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.32 2008/06/21 15:17:00 adrianp Exp $ +# $NetBSD: Makefile,v 1.33 2008/11/02 17:25:18 adrianp Exp $ -DISTNAME= mantis-1.1.2 +DISTNAME= mantis-1.1.4 CATEGORIES= devel www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=mantisbt/} diff --git a/devel/mantis/distinfo b/devel/mantis/distinfo index 4af93babe09..41a29787232 100644 --- a/devel/mantis/distinfo +++ b/devel/mantis/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.12 2008/06/21 15:17:00 adrianp Exp $ +$NetBSD: distinfo,v 1.13 2008/11/02 17:25:18 adrianp Exp $ -SHA1 (mantis-1.1.2.tar.gz) = 291026ca4135961faf97597280cdc2a766b89e3c -RMD160 (mantis-1.1.2.tar.gz) = 251a7daee876468ebe63e72df72824a85680dcc8 -Size (mantis-1.1.2.tar.gz) = 2582860 bytes +SHA1 (mantis-1.1.4.tar.gz) = 7e64529508d3e35b98ae49c12b808998e669ef76 +RMD160 (mantis-1.1.4.tar.gz) = e67d3aa48e65498b7a75909a5976f21db9554d75 +Size (mantis-1.1.4.tar.gz) = 2584719 bytes |