lp:ubuntu/precise/mantis

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

21. By Dario Minnucci on 2012-04-11

[ Dario Minnucci ]
* New upstream release (1.2.10)
  - Urgency high because includes fixes for various CVEs
    (upstream fixed in version 1.2.9) (Closes: #662858)
    - CVE-2012-1118
    - CVE-2012-1119
    - CVE-2012-1120
    - CVE-2012-1121
    - CVE-2012-1122
    - CVE-2012-1123
* debian/patches:
  - Drop 000-cleanup-gitignore-file-from-orignal-tarball.diff
    .gitignore file is no longer distributed in the tarball.
* debian/po:
  - Added Danish translation of the debconf templates.
    Thanks to Joe Dalton. (Closes: #664284)
* debian/control:
  - Bump Standards-Version to 3.9.3 (no changes)
  - Build-Depends updated to use debhelper >= 9
* debian/copyright:
  - Fixes for DEP5 compatibility
  - Copyright years updated
* debian/rules:
  - Fix permision on www/images directory
* debian/conf/debian_admin_install.php:
  - Remove support for 'mssql'. Driver is no longer supported in
    PHP >= 5.3
* debian/NEWS: Updated
* debian/README.Debian: Updated

20. By Silvia Alvarez <email address hidden> on 2011-09-12

* Urgency medium: fixed serious bug (policy violations)
  + debian/mantis.config:
    Allow set empty password in debconf config to prevent errors in
    unattended installations (--frontend:Noninteractive --priority=critical)
    (Closes: #640589)
* New Security Upstream Release (1.2.8)
* debian/README.Debian:
  + Added info about setting up custom variables.
* debian/patches:
  + dropped: Fixed in new upstream version (1.2.8)
    Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
    000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
    000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
    000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
    000-Fix-640297-Projax-XSS-injection.diff
* debian/copyright: updated
* debian/mantis.lintian-overrides: added

19. By Silvia Alvarez <email address hidden> on 2011-08-19

[ Silvia Alvarez ]
* New Upstream Release (1.2.6)
* debian/NEWS: updated
* debian/patches:
  + added: Fix security multiple XSS (Closes: #638321)
    000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
* debian/copyright: updated
* debian/po debconf translations:
  + Added Russian translation, thanks to
     Yuri Kozlov (Closes: #637752)
  + Clean up ru.po obsoleted lines
* debian/README.Debian: updated
* debian/doc/README.VirtualHost: added information
  about custom config VirtualHost, mantis and javascript-common.
  Thanks to Wolfgang Schulze-Zacha (Closes: #635932)

18. By Silvia Alvarez <email address hidden> on 2011-07-22

* debian/mantis.templates:
   + Removed trailing spaces. (Closes: #634509)
* debian/po debconf translations:
   + Updated es.po, ca.po: unfuzzy.
   + Added French translation, thanks to
     Christian Perrier (Closes: #634827)
* debian/TODO: testing new installations and updates
   + Thanks to Kushal Koolwal for help.

17. By Dario Minnucci on 2010-10-31

debian/po/vi.po: Updated. (Closes: #601930)
Thanks to Clytie Siddall <email address hidden>

16. By Dario Minnucci on 2010-10-28

debian/patches/10-CVE-2010-3763.diff:
Fixes for CVE-2010-3763. (Closes: #601618)

15. By Dario Minnucci on 2010-10-13

* debian/patches/09-CVE-2010-3303-04-and-05.diff:
  Fixes for CVE-2010-3303 (4) and (5) vulnerabilities.
  Note: Mantis debian packages (1.1.6 and 1.1.8) are not affected
  for vulnerabilities described as 1, 2 and 3 at
  http://security-tracker.debian.org/tracker/CVE-2010-3303
  (Closes: #599710)
* debian/po/cs.po: Updated. (Closes: #599846)
  Thanks to Miroslav Kure <email address hidden>

14. By Silvia Alvarez <email address hidden> on 2010-09-05

* debian/patches:
  + Added 08-CVE-2010-2574.diff: Fix for CVE-2010-2574 XSS
    vulnerability when deleting categories that have been
    maliciously named.(Closes: #595510)

13. By Silvia Alvarez <email address hidden> on 2010-02-21

* Switch to dpkg-source 3.0 (quilt) format
* debian/control:
  + Remove quilt on build-depend
  + Updated build-depends to use debhelper (>= 7)
  + Updated Standards-Version to 3.8.4, no changes needed
  + Added uploader Dario Minnucci
* debian/rules:
  + Use dh_prep instead of dh_clean -k, to avoid lintian
    W: mantis source: dh-clean-k-is-deprecated
  + Added dh_installexamples to create debian/examples
* debian/README.MultipleInstances:
  + Correct text which indicates the path location
    for site_dispatcher.php.sample file (Closes: #564632)
* debian/examples:
  + Remove config_inc.php.sample from debian/examples,
    which is included and used by the package installation.
  + Fix debian/site_dispatcher.php.sample path
* debian/prerm
  + Added control to purge dbconfig-common mantis file
    to preserve a clear new installation, when purge
    databse is selected. This help to reinstall mantis
    when a database was not create previously or the config
    file was misconfigured. (Closes: #546468)
* debian/patches:
   + 07-handles-php5.3-deprecation-messages.patch: added
     for handless messages of deprecated PHP5.3 functions
     which are used on the mantis application. For more
     information see README.Debian. Thanks to MantisBT-dev,
     David Hicks, Olivier Berger, Christian Perrier for
     their support. (Closes: #569686)
* debian/README.Debian:
   + Added recommendations for transition to PHP5.3, until
     the new mantis version 1.2 will be released.
* debian/postinst:
   + Fix misconfiguration appliying dpkg-statoverride on
     config_db.php to not be world-readable
* debian/postrm:
   + Fix misconfiguration applying dpkg-statoverride on
     /etc/mantis/config*.php
* debian/NEWS.Debian: Added to inform how to handle issues when
  using PHP >= 5.3

12. By Silvia Alvarez <email address hidden> on 2009-12-30

* debian/control:
  + Take over maintainership (Closes: #471094)
  + Set myself as new package maintainer
  + Remove Vcs-* tags; not longer in SVN
  + Update standards version to 3.8.3; no changes needed
  + Description updated to get read of lintian
    I: using-first-person-in-description
* debian/po debconf translations:
  + Updated Spanish debconf translation, thanks to
    Francisco Javier Cuadrado (Closes: #542760)
  + Updated Japanese debconf translation, thanks to
    Hideki Yamane (Closes: #545406)
  + Updated Swedish debconf translation, thanks to
    Martin Bagge (Closes: #545732)
* debian/patches:
  + Added DEP-3 compliant headers in all existing patches