Howdy all, MantisBT 1.2.2 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release.
Issue #11952 covers a security fix to the display of inline attachments, where "Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks". See http://www.mantisbt.org/bugs/view.php?id=11952 for further details and information. Also included with 1.2.2 are a range of translation updates, regression fixes, and bug fixes, including multiple SOAP API-related bugs and regressions. The release changelog can be found at: - http://www.mantisbt.org/bugs/changelog_page.php?version_id=110 It can be downloaded at: - http://www.mantisbt.org/download.php Cheers -- John Reese LeetCode.net ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ mantisbt-help mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mantisbt-help
