Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 116036 - www-apps/mantisbt - security release
Summary: www-apps/mantisbt - security release
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa] DerCorny
Depends on:
Reported: 2005-12-19 06:05 UTC by Renat Lumpau (RETIRED)
Modified: 2005-12-22 13:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Renat Lumpau (RETIRED) gentoo-dev 2005-12-19 06:05:25 UTC
Mantis 0.19.4 is now available for download.
This maintenance release includes the following fixes:

- #0006419: [security] File Upload Vulnerability (TKADV2005-11-002) (thraxisp)
- #0006420: [security] Injection Vulnerabilities in Filters (TKADV2005-11-002) (thraxisp)
- #0006457: [security] SQL Injection in manage user page (TKADV2005-11-002) (vboctor)
- #0006460: [security] HTTP Header CRLF Injection (TKADV2005-11-002) (vboctor)
- #0006486: [security] Port XSS Vulnerability in filters (TKADV2005-11-002) (thraxisp)

All 0.19.x users are encouraged to upgrade to this release.
Comment 1 Renat Lumpau (RETIRED) gentoo-dev 2005-12-19 06:07:17 UTC
0.19.4 in CVS. 
Comment 2 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-19 06:10:26 UTC
well great work, that was fast, almost everything already done :)

ppc pls mark stable. thx
Comment 3 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-12-19 11:54:10 UTC
Stable on ppc.
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-19 12:29:29 UTC
ready for glsa vote, i've made no decision yet
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-19 13:51:39 UTC
small yes from me.
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2005-12-20 02:47:54 UTC
yes from me
Comment 7 Stefan Cornelius (RETIRED) gentoo-dev 2005-12-22 13:42:41 UTC
GLSA 200512-12 Thx to everbody involved.