Log message:
Update to 1.0.8
- 0007902: [bugtracker] constant_inc is missing statement in 1.0.7 (vboctor)
- 0008020: [installation] Port 7907: Allow using system adodb (giallu)
- 0008029: [localization] Spelling mistake in value of string $s_by_severity \ 
file lang/strings_spanish.txt (giallu)
- 0008019: [other] Port 5333: Invalid zip file core/adodb/adodb-time.zip in CVS \ 
(giallu)
- 0007939: [rss] Port 7738: Replace non free RSS creation class (vboctor)

2007.04.04 - 1.0.7
- 0007743: [security] Port: CVE-2006-6574 (vboctor)
- 0007772: [security] email notifications bypass security on custom fields (vboctor)
- 0007784: [security] XSS vulnerabilities (vboctor)
- 0007774: [custom fields] custom fields not stored correctly in bug history \ 
(vboctor)
- 0007783: [filters] Port: Dynamic filter selection (XMLHTTPRequest) broken when \ 
using IE7
(vboctor)

Log message:
Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.

Log message:
Add missing backslash.

Log message:
Use CONF_FILES_PERMS instead of CONF_FILES + SPECIAL_PERMS

Log message:
Update to 1.0.6
2006.10.28 - 1.0.6

- 0007466: [security] Port: 6719: Manager of a project can assign the \ 
Administrator role to a user. (vboctor)
- 0007543: [security] Port 5163: Default value for $g_bug_reminder_threshold \ 
should be higher than "reporter" (vboctor)
- 0007467: [administration] Port 6637: Disabled projects don't appear under \ 
parent project (vboctor)
- 0007527: [localization] Port 7526: japanese_utf8 is more suitable than \ 
japanese_sjis ($g_language_auto_map) (vboctor)
- 0007470: [localization] [all lang] Port latest localization files from Mantis \ 
1.1 to Mantis 1.0.x (vboctor)
- 0007530: [localization] Port:: New Languages: bulgarian, catalan, czech_utf8, \ 
french_utf8, italian_utf8, polish_utf8, russian_utf8, slovene_utf8 (vboctor)
- 0007412: [other] Update Mantis to refer to new website (vboctor)

2006.07.23 - 1.0.5

- 0007301: [upgrade] Login page inaccessible after upgrade to 1.0.4 (thraxisp)

2006.07.22 - 1.0.4

- 0007051: [bugtracker] Fix for #6869 / #7034 removes quoted "?" from \ 
arguments (thraxisp)
- 0007298: [bugtracker] Port: bugnote_delete.php redirection fails (vboctor)
- 0007299: [bugtracker] Port: Save login feature does not work (vboctor)
- 0007300: [bugtracker] Port: Remember login always redirects to main_page.php \ 
(vboctor)
- 0007143: [other] Port: checkin.php needs array_unique() (vboctor)

Log message:
Fix homepage URL, reported by Rainer Brinkmoeller in private email

Log message:
Rename all PHP 4 packages to php4-*, all PHP 5 packages to php5-*,
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.

OK from jlam@ and adrianp@.

Log message:
Update to 1.0.3
> - 7037: [security] Port: Login with disabled account possible (vboctor)
> - 7034: [bugtracker] Port: bug in string_sanitize_url() (vboctor)
> - 7028: [db mssql] Port: "Prune Accounts" function doesn't work \ 
with MS SQL (vboctor)
> - 7029: [db mssql] Port: MS SQL Error on View Filters Page (vboctor)
> - 7030: [db mssql] Port: installtion fails - administrator have no rights \ 
on db (vboctor)
> - 7032: [db mssql] Port: Error on opening Change Log (vboctor)
> - 7039: [db mssql] Notice: Only variables should be assigned by reference \ 
in coreadodbadodb.inc.php on line 2931 (vboctor)
> - 7035: [feature] Port: Global Profiles list not sorted (vboctor)
> - 7038: [filters] Port: SYSTEM WARNING: Argument 1 to array_multisort() is \ 
expected to be an array or a sort flag (vboctor)
> - 7031: [installation] Port: is_writable never success in install.php (vboctor)
> - 7041: [installation] Port: newbie admins may be redirected to blank page \ 
(vboctor)
> - 7033: [printing] Port: wrong strpos function call (vboctor)
> - 7027: [upgrade] Port: fixed_in_version is renamed to Fixed_in_version \ 
during database migration (vboctor)

Log message:
Update to 1.0.2
> 2006.04.18 - 1.0.2
> - 0006902: [security] XSS in mantis bug track system .... (thraxisp)
> - 0006859: [bugtracker] Can send reminders to all recipients (thraxisp)
>
> 2006.02.18 - 1.0.1
> - 0006722: [installation] Remaining mysqli_ install problems (ref. \ 
#0006672): my sqli_real_escape_string() expects parameter 1 to be link \ 
(thraxisp)
> - 0006672: [installation] install.php assumes mysql extension, fails with \ 
mysqli extension (thraxisp)
> - 0006668: [filters] Parse error while saving new filter: Call to undefined \ 
function: string_strip_tags() (thraxisp)
>
> 2006.02.04  -  1.0.0
> - 0006044: [security] 'Return' _GET is not checked (thraxisp)
> - 0006650: [security] ADOdb can be exploited to execute arbitrary SQL code \ 
(vboctor)
> - 0006659: [security] Cross site scripting vulnerability (thraxisp)
> - 0006634: [filters] Filter does not work with profiles (vboctor)

Log message:
Removed the superfluous "quotes" and 'quotes' from variables that don't
need them, for example RESTRICTED and SUBST_MESSAGE.*.