Package Details: mantisbt 2.26.2-1

Git Clone URL: https://aur.archlinux.org/mantisbt.git (read-only, click to copy)
Package Base: mantisbt
Description: Web-based issue tracking system
Upstream URL: https://www.mantisbt.org/
Keywords: bugs php tracker
Licenses: GPL2
Submitter: alucryd
Maintainer: speed488
Last Packager: speed488
Votes: 3
Popularity: 0.000000
First Submitted: 2016-08-20 20:18 (UTC)
Last Updated: 2024-05-17 11:23 (UTC)

Dependencies (8)

Required by (0)

Sources (4)

Latest Comments

dvzrv commented on 2019-06-14 22:26 (UTC)

The upgrade to 2.21.1 requires mantisbt to be run as its own user/group: mantisbt.

I haven't gotten around updating the wiki page (in a long time), but will do that soonish and most likely also move mantisbt back to [community] after that.

If you need configuration inspiration, you can have a look at the wiki pages for cacti and postfixadmin, where I added a lot of info on how running php webapps as a separate user can/should be achieved.

Kunda commented on 2019-04-29 12:21 (UTC)

https://mantisbt.org/blog/archives/mantisbt/627
Please update to 2.21

dvzrv commented on 2019-01-24 18:32 (UTC)

@jamespharvey20: you're absolutely right. will change that asap. haven't been paying too much attention to this PKGBUILD (got busy with [community]).

jamespharvey20 commented on 2019-01-24 02:01 (UTC) (edited on 2019-01-24 02:09 (UTC) by jamespharvey20)

The configuration files are world readable, which is a security issue since they contain passwords for the database, potentially smtp, and the salt.

I think it would be a good idea if the PKGBUILD set ownership to all /etc/webapps/mantisbt/ files to http:http, permissions 600.

EDIT: I think this will also have the side effect of the initial installation being able to write config_inc.php rather than having it give a write error, which although easier, is a double edged sword because it would probably make a much shortened version potentially leaving out some of the helpful options and comments that are in upstream's config.inc.php.sample which is copied to config_inc.php by the PKGBUILD.

dvzrv commented on 2017-01-26 10:18 (UTC)

Upgraded to 2.0.0. Added some additional information for upgrading in the post_upgrade hook, leaving the mantisbt instance in a locked state, so you can properly upgrade your database. Sorry it took so long.

dvzrv commented on 2016-09-22 17:58 (UTC)

Upgraded to 1.3.1. Handle with care, as it has bugs, too: https://www.mantisbt.org/bugs/view.php?id=21678