mantisbt - Change Log
Released 2023-10-14
Security and maintenance release addressing an information disclosure issue (CVE-2023-44394) and a security issue in bundled GuzzleHttp library (CVE-2023-29197). This release also resolves several PHP 8.x compatibility and REST API issues.
All installations are strongly advised to upgrade as soon as possible.
- 0032459: [bugtracker] Graphics x Apple Safari 16 (atrol)
- 0028618: [bugtracker] Category empty but required does not prevent form submission on Firefox Windows and Safari (dregad)
- 0029438: [api rest] Unsupported operand types when an incident with time tracking notes is updated via REST API (dregad)
- 0032390: [plug-ins] Impossible to install a plugin without any dependencies (dregad)
- 0032432: [security] Update guzzlehttp/psr7 to 1.9.1 (dregad)
- 0032612: [bugtracker] DEPRECATED: 'Creation of dynamic property BugData::$bug_text_id (dregad)
- 0032451: [bugtracker] Email uniqueness is not enforced on case-sensitive databases (dregad)
- 0032703: [bugtracker] Local documentation is not accessible (403) (dregad)
- 0032788: [ui] Incorrect styling of table headers (dregad)
- 0032809: [bugtracker] PHP 8.1 deprecation notice in user_search_cache() (dregad)
- 0032860: [api rest] REST API allows resolving an issue with unresolved children (dregad)
- 0032865: [html] Wrong HTML tags on "Manage Filters" page (atrol)
- 0032889: [plug-ins] EVENT_MENU_DOCS is never triggered (dregad)
- 0026365: [api rest] Missing Authorization header in REST API causing requests to fail (dregad)
- 0032981: [security] CVE-2023-44394: Information Leakage on DokuWiki Integration (dregad)
15 issues View Issues
