Date: Sun, 02 Nov 2014 00:49:11 +0100 From: Damien Regad <dregad@...tisbt.org> To: oss-security@...ts.openwall.com Subject: Re: SQL injection vulnerability in MantisBT SOAP API [CVE-2014-8554] Following up on earlier messages about this issue, please note that I just pushed a patch to our official repository on Github . We plan to release MantisBT 1.2.18 in the next few days, as we're finalizing fixes for a few additional issues. I'll post back here when the new version goes live. Damien  http://github.com/mantisbt/mantisbt/commit/99ffb0af (1.2.x branch) http://github.com/mantisbt/mantisbt/commit/5faf97ab (master)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ