Skip to content

Commit b99755c

Browse files
dregaddregad
committed
Bump version and update release notes for 1.2.19
1 parent 7a0521a commit b99755c

File tree

2 files changed

+31
-1
lines changed

2 files changed

+31
-1
lines changed

core/constant_inc.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
# You should have received a copy of the GNU General Public License
1515
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
1616

17-
define( 'MANTIS_VERSION', '1.2.19dev' );
17+
define( 'MANTIS_VERSION', '1.2.19' );
1818

1919
# --- constants -------------------
2020
# magic numbers

doc/RELEASE

+30
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,35 @@
11
MantisBT Release Notes
22
======================
33

4+
1.2.19 Security Release (2015-01-25)
5+
-------------------------------------------------
6+
7+
MantisBT 1.2.19 is a security update for the stable 1.2.x branch. All
8+
installations that are currently running any 1.2.x version are strongly
9+
advised to upgrade to this release. Download it from [3].
10+
11+
This release resolves 5 security issues:
12+
13+
- #17938/CVE-2014-9571: XSS in install.php
14+
- #17939/CVE-2014-9572: Improper Access Control in install.php
15+
- #17940/CVE-2014-9573: SQL Injection in manage_user_page.php
16+
- #17984/CVE-2014-9624: CAPTCHA bypass
17+
- #17997/CVE-2015-1042: URL redirection issue
18+
19+
We would like to thank High Tech Bridge Research Lab, Alejo Popovici an
20+
Florent Daignière from Matta Consulting for reporting these issues, and their
21+
cooperation in resolving them.
22+
23+
This release also addresses 2 regression issues introduced in 1.2.18:
24+
25+
- #17993 prevents new users from signing up on systems using CAPTCHA.
26+
- #17967 which causes a PHP error when reporting issues on systems with
27+
checkbox custom fields.
28+
29+
Please refer to the changelog [1] on the MantisBT web site for complete details
30+
on each of these issues.
31+
32+
433
1.2.18 Security Release (2014-12-06)
534
-------------------------------------------------
635

@@ -431,6 +460,7 @@ There have also been many improvements to the codebase beyond adding features:
431460

432461
[1] The changelog is split between multiple releases:
433462

463+
1.2.19 http://www.mantisbt.org/bugs/changelog_page.php?version_id=238
434464
1.2.18 http://www.mantisbt.org/bugs/changelog_page.php?version_id=191
435465
1.2.17 http://www.mantisbt.org/bugs/changelog_page.php?version_id=189
436466
1.2.16 http://www.mantisbt.org/bugs/changelog_page.php?version_id=183

0 commit comments

Comments
 (0)