Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 02 Nov 2014 00:49:11 +0100
From: Damien Regad <dregad@...tisbt.org>
To: oss-security@...ts.openwall.com
Subject: Re: SQL injection vulnerability in MantisBT SOAP API [CVE-2014-8554]

Following up on earlier messages about this issue, please note that I 
just pushed a patch to our official repository on Github [1].

We plan to release MantisBT 1.2.18 in the next few days, as we're 
finalizing fixes for a few additional issues. I'll post back here when 
the new version goes live.

Damien


[1] http://github.com/mantisbt/mantisbt/commit/99ffb0af (1.2.x branch)
     http://github.com/mantisbt/mantisbt/commit/5faf97ab (master)


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ