| *** Joins: kirillka (~Miranda@195.242.142.17) | 01:28 | |
| GitHub185 | [mantisbt] vboctor pushed 1 new commit to master-1.2.x: http://git.io/IOJXnw | 01:32 |
|---|---|---|
| GitHub185 | [mantisbt/master-1.2.x] Remove 'ERROR_DUPLICATE_FILE' entry from Croatian language which was causing a warning. Found by test-langsas part of release process for 1.2.11. - Victor Boctor | 01:32 |
| GitHub28 | [mantisbt] vboctor pushed 1 new commit to master-1.2.x: http://git.io/1_qfmw | 01:41 |
| GitHub28 | [mantisbt/master-1.2.x] Updated doc/RELEASE for 1.2.11. - Victor Boctor | 01:41 |
| *** Joins: vb123 (~vb123@50.46.101.89) | 03:10 | |
| vb123 | dhx1, are you there? | 03:10 |
| vb123 | MantisBT v1.2.11 released. | 03:11 |
| vb123 | also updated the official bug tracker and demo instances. | 03:11 |
| vb123 | I wasn't able to build docbook stuff, so used the ones from the nightly build. | 03:12 |
| vb123 | good night. | 03:15 |
| *** Quits: vb123 (~vb123@50.46.101.89) (Ping timeout: 245 seconds) | 03:25 | |
| dhx1 | :) | 03:43 |
| *** Joins: giallu (~giallu@fedora/giallu) | 03:55 | |
| kirillka | dhx1: hi | 04:14 |
| dhx1 | kirillka: hi | 04:19 |
| kirillka | dhx1: I wrote with John. I have trouble | 04:21 |
| kirillka | for plugins api | 04:21 |
| kirillka | I have 2 events | 04:21 |
| kirillka | EVENT_UPDATE_BUG | 04:22 |
| kirillka | and EVENT_BUG_ACTION | 04:22 |
| kirillka | I want see what happened with bug | 04:22 |
| kirillka | I try use ACTION, but I don't see all of events. | 04:23 |
| kirillka | EVENT_UPDATE_BUG all events, but I don't see kind of events | 04:23 |
| kirillka | dhx1: any ideas? | 04:38 |
| dhx1 | kirillka: I don't quite understand? | 05:18 |
| dhx1 | group action updates, SOAP API, bug_attach.php, etc... probably don't fire those events | 05:19 |
| *** Joins: paulr (~IceChat09@cpc1-enfi15-2-0-cust580.hari.cable.virginmedia.com) | 05:36 | |
| kirillka | dhx1: all events, such attach file. this action not execute action event | 05:58 |
| dhx1 | it's quite likely that the events won't fire on every instance of a bug being updated | 06:01 |
| dhx1 | because there are multiple methods used and places where bug updates occur | 06:01 |
| dhx1 | this isn't desired behaviour either | 06:02 |
| paulr | hey dhx | 06:14 |
| paulr | did you see john's blog? | 06:14 |
| dhx1 | paulr: yes | 06:18 |
| dhx1 | paulr: as stated, it isn't much of a surprise | 06:19 |
| dhx1 | I share the same concerns about PHP | 06:19 |
| dhx1 | worst language ever! | 06:19 |
| dhx1 | oh well | 06:19 |
| *** Quits: kirillka (~Miranda@195.242.142.17) (Quit: kirillka) | 06:23 | |
| paulr | dhx1: maybe I should start asking you to do CVE requests for flaws :P | 07:47 |
| dhx1 | :) | 07:47 |
| dhx1 | haha | 07:47 |
| paulr | say 1 a day until end of month? | 07:47 |
| dhx1 | lol, for MantisBT? | 07:49 |
| paulr | :) | 07:49 |
| paulr | we could start with a minor information disclosure | 07:50 |
| dhx1 | not noteworthy, sorry :) | 07:50 |
| paulr | mantisbt allows users to specify a level at which MANTIS_VERSION is displayed, however soap api shows this value to all soap users | 07:50 |
| dhx1 | ugh... I want to get rid of that | 07:51 |
| paulr | some companies would probably request a CVE for that ;p | 07:51 |
| dhx1 | there is no point hiding the version information | 07:51 |
| dhx1 | lol | 07:51 |
| dhx1 | it would not surprise me | 07:51 |
| dhx1 | it is easy enough to look at XHTML changes between releases to see what the version is | 07:51 |
| paulr | but basically | 07:51 |
| paulr | security research = fine | 07:52 |
| paulr | if people find and publish real issues | 07:52 |
| dhx1 | automated vulnerability fuzzer results = useless! | 07:52 |
| paulr | at the same time, every time one does a bug fix, do we really need to go "shall we evalute if this could be considered a security issue in any case" | 07:52 |
| paulr | take kirill's thing earlier | 07:53 |
| paulr | that's a security issue :) | 07:53 |
| dhx1 | lol | 07:53 |
| dhx1 | it could be | 07:53 |
| paulr | you can add a plugin that logs when a user attaches a file | 07:53 |
| paulr | there's a code path where the plugin hook does't fire | 07:53 |
| paulr | therefore audit plugin does not log file attached | 07:53 |
| paulr | therefore security issue | 07:53 |
| dhx1 | paulr: perhaps we should start a "Common XHTML Non-Conformance Issue Database" where we track XHTML non-conformances in software? :P | 07:55 |
| paulr | heh | 08:33 |
| *** Quits: giallu (~giallu@fedora/giallu) (Ping timeout: 260 seconds) | 09:14 | |
| *** Quits: dhx1 (~anonymous@60-242-247-232.static.tpgi.com.au) (Quit: Leaving) | 10:46 | |
| *** Joins: vb123 (~vb123@50.46.101.89) | 18:06 | |
| *** Quits: vb123 (~vb123@50.46.101.89) (Ping timeout: 244 seconds) | 18:13 | |
| *** Joins: vBm (~vBm@unaffiliated/vbm) | 18:47 | |
| *** Parts: vBm (~vBm@unaffiliated/vbm) () | 18:47 | |
| *** Quits: sdfjkljkdfsljkl (~sdfjkljkd@static.96.23.63.178.clients.your-server.de) (Remote host closed the connection) | 20:00 | |
| *** Joins: sdfjkljkdfsljkl (~sdfjkljkd@static.96.23.63.178.clients.your-server.de) | 20:00 | |
| *** Quits: paulr (~IceChat09@cpc1-enfi15-2-0-cust580.hari.cable.virginmedia.com) (Quit: I used to think I was indecisive, but now I'm not too sure.) | 20:51 | |
| *** Joins: vb123 (~vb123@50.46.101.89) | 22:28 | |
| GitHub95 | [mantisbt] vboctor pushed 1 new commit to master-1.2.x: http://git.io/6NRW3w | 22:34 |
| GitHub95 | [mantisbt/master-1.2.x] Changed version to 1.2.12-dev - Victor Boctor | 22:34 |
| *** Quits: vb123 (~vb123@50.46.101.89) (Ping timeout: 245 seconds) | 22:50 | |
| *** Joins: vb123 (~vb123@50.46.101.89) | 22:53 | |
| GitHub166 | [mantisbt] vboctor pushed 1 new commit to master-1.2.x: http://git.io/qc1I1w | 23:08 |
| GitHub166 | [mantisbt/master-1.2.x] Fixes #13445: Add mc_login() for login and to return user data. - Victor Boctor | 23:08 |
| *** Quits: vb123 (~vb123@50.46.101.89) (Ping timeout: 252 seconds) | 23:25 | |
Generated by irclog2html.py 2.10.0 by Marius Gedminas - find it at mg.pov.lt!