Hébergement Mantis


Mantis est un système open source de suivi de bug.

Installation en 1 clic Mantis

Installation en 1 clic

Mise à jour facile Mantis

Mise à jour facile

Sauvegarde et restauration Mantis

Sauvegarde et restauration


E-commerce et Entreprise
Version courante
Dernière mise à jour
1 November 2017
Français + 48 autres

Configuration requise

Taille de l'installation
50 Mo
Base de données
open source
Vue d'ensemble
Quoi de neuf


(version majeure)
1 Novembre 2017 - 50MBWARNING
From version 2.8.0, Mantis requires the PHP 'mysqli' extension. It no longer supports 'mysql' or 'pdo_mysql'.
This upgrade will automatically change your application's database driver to 'mysqli'.

  • [api rest] REST API Issue update support (vboctor)
  • [performance] Unneeded files delivered if Mantis Graphs plugin is enabled (atrol)
  • [performance] Unneeded code delivered to support unsupported IE9 (atrol)
  • [ui] Useless UI element on manage_proj_page (atrol)
  • [custom fields] Empty numeric fields should be display as empty rather than 0 (community)
  • [custom fields] Empty float fields should be displayed as empty rather than 0 (community)
  • [api soap] Updating issues via APIs should trigger email notifications (vboctor)
  • [bugtracker] Auto-refresh shouldn't update last visited (atrol)
  • [code cleanup] Usage of deprecated constant (atrol)
  • [html] Wrong class name for tags output (atrol)
  • [administration] Remove unused config option inline_file_exts (community)
  • [plug-ins] Add plugin event EVENT_BUG_ACTIONGROUP_FORM (cproensa)
  • [custom fields] Numeric field accepts floats and displays them as numeric (vboctor)
  • [bugtracker] resolving parent issues inconsistency (community)
  • [bugtracker] Notes are not in the correct order after cloning an issue (cproensa)
  • [code cleanup] Remove php_version_at_least() function from PHP API (dregad)
  • [email] DomainKeys Identified Mail (DKIM) Signatures (community)
  • [bugtracker] Handler user is visible even if view_handler_threshold is configured to not allow (cproensa)
  • [api rest] Enable REST API by default (vboctor)
  • [bugtracker] "show_assigned_names" configuration is not applied correctly in view_all_bug_page (cproensa)
  • [filters] Filter "advanced" mode is reset after sorting through column headers (cproensa)
  • [api rest] Facilitate troubleshooting REST API by displaying detailed errors (dregad)
  • [email] Update PHPMailer to v5.2.25 (vboctor)
  • [code cleanup] Force composer to honor PHP compatibility advertised for MantisBT (vboctor)
  • [ui] Bugnote text area not styled correctly when private by default (vboctor)
  • [bugtracker] Notes added via change status / edit always market private when private by default (vboctor)

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.8.0


(version majeure)
13 Février 2017 - 22MBThis release has about 60 features and fixes including those merged from 2.0.1 and 1.3.6.

  • Markdown Support – MantisBT now provides markdown support similar to other tools that developers use like GitHub, Bitbucket, and others. We are starting off with rolling this out as an experimental feature that is disabled by default. Users are encouraged to try it out and provide us with feedback. To enable Markdown go to Manage – Manage Plugins – MantisBT Formatting 2.1.0, click ON next to "Markdown Processing" and click "Update Configuration". See examples for supported markdown.
  • Lots of Filtering Improvements – There has been major refactoring for the filtering code, lots of bug fixes, and addition of ability to edit saved filters, filter by last update timestamp, and others.

Lire la suite: http://mantisbt.org/blog/?p=498


27 Janvier 2015 - 22MBThis is a security update for the stable 1.2.x branch that resolves 5 security-related bugs and vulnerabilities and 2 regression issues introduced in 1.2.18. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release.

  • #17938/CVE-2014-9571: XSS in install.php
  • #17939/CVE-2014-9572: Improper Access Control in install.php
  • #17940/CVE-2014-9573: SQL Injection in manage_user_page.php
  • #17984/CVE-2014-9624: CAPTCHA bypass
  • #17997/CVE-2015-1042: URL redirection issue

  • #17993 prevents new users from signing up on systems using CAPTCHA.
  • #17967 which causes a PHP error when reporting issues on systems with checkbox custom fields.

Full Changelog
  • 0017940: [security] CVE-2014-9573: SQL Injection in manage_user_page.php (dregad)
  • 0017984: [security] CVE-2014-9624: CAPTCHA bypass is way easier than it should be (dregad)
  • 0017997: [security] CVE-2015-1042: URL redirection issue (dregad)
  • 0017938: [security] CVE-2014-9571: XSS in install.php (dregad)
  • 0017939: [security] CVE-2014-9572: Improper Access Control in install.php (dregad)
  • 0017967: [bugtracker] Reporting an issue gives: 'Invalid argument supplied for foreach()' in '/opt/mantisbt-1.2.18/core/gpc_api.php' line 259 (dregad)
  • 0017925: [email] Order of notes in email notifications seem to be based on user who triggered the action (dregad)
  • 0017977: [bugtracker] Fix handling of due dates (dregad)
  • 0018025: [administration] Installer UI tweaks (dregad)
  • 0011742: [bugtracker] Sort bug notes by date, not by ID (dregad)
  • 0017993: [authentication] User creation with captcha broken by fix for issue 0017811 (dregad)

Lire la suite: https://www.mantisbt.org/blog/?p=408


(version de sécurité)
7 Décembre 2014 - 22MBThis is a security update for the stable 1.2.x branch that resolves 23 security-related bugs and vulnerabilities, including 7 Cross-Site Scripting (XSS) issues, 2 Code injection issues, 2 SQL injection (XSS) issues, 5 Information disclosure issues, and 7 Other security issues. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release.
  • 0009885: [security] Emails on relations is send to people who cannot see the related issue (vboctor).
  • 0017878: [security] Prevent unauthorized users setting handler when reporting issue (dregad).
  • 0017362: [security] Multiple vulnerabilities in MantisBT (dregad).
  • 0017877: [security] CVE-2014-9279: Db Credentials leak via unattended upgrade script (dregad).
  • 0017876: [security] CVE-2014-9281: Reflected XSS in admin panel / copy_field.php (dregad).
  • 0017874: [security] CVE-2014-9271: Persistent XSS in file uploads/attachments (dregad).
  • 0017875: [security] CVE-2014-9280: PHP Object Injection in filter API (dregad).
  • 0017297: [security] CVE-2014-9272: XSS in string_insert_hrefs allows script execution (dregad).
  • 0017648: [security] CVE-2014-6316: URL redirection issue (dregad).
  • 0017073: [other] Incorrect $specific_where (dregad).
  • 0017289: [documentation] Code allows display of Resolution and Status in bug report page, but doc says it's not allowed (dregad).
  • 0017292: [code cleanup] Use of deprecated PREG_REPLACE_EVAL ('e') pattern modifier (dregad).
  • 0017322: [attachments] Warning in bug report when attachments are disabled (dregad).
  • 0017324: [attachments] Debug output displayed when adding files (dregad).
  • 0017405: [bugtracker] proj_doc_update.php on document update crashes if new file is not uploaded (dregad).
  • 0017407: [bugtracker] Missing error param when updating project doc (dregad).
  • 0017457: [filters] Column summary of the free text search is not prefixed by table (filter_api) (dregad).
  • 0009460: [bugtracker] Default profile doesn't work (dregad).
  • 0010966: [security] No Errors shown at all if error_reporting=0 configured at server (dregad).
  • 0015420: [bugtracker] Invalid category check is not made (vboctor).
  • 0016957: [news] News section shouldn't show in permissions report when feature is disabled (vboctor).
  • 0016993: [api soap] Handler can be set without having appropriate access rights (vboctor).
  • 0017011: [db mssql] Graph « Cumulative by date » is not displayed in Summary > Advanced Summary (dregad).
  • 0017075: [migration] Import plugins should be able to set last_updated field to a date in the past (vboctor).
  • 0017076: [bugtracker] Issue history show date submitted and last updated as integers rather than dates (vboctor).
  • 0017847: [bugtracker] New BugData object due_date should be blank (dregad).
  • 0017848: [plug-ins] XML import plugin only replaces links in 'description' (dregad).
  • 0017640: [security] CVE-2014-6387: Null byte poisoning in LDAP authentication (dregad).
  • 0017725: [security] CVE-2014-7146 : PHP Code Injection Vulnerability in XmlImportExport plugin (dregad).
  • 0017744: [security] Attachments displayed in history despite user not authorised to view them (dregad).
  • 0017763: [api soap] mc_issue_update() email notification doesn't include added notes (vboctor).
  • 0017780: [security] CVE-2014-8598: XML plugin should restrict ability to import data (dregad).
  • 0017812: [api soap] CVE-2014-8554: SQL injection in SOAP API (dregad).
  • 0017890: [security] CVE-2014-9269: XSS in extended project browser (dregad).
  • 0017870: [security] CVE-2014-8987: XSS in adm_config_report.php (dregad).
  • 0017889: [security] CVE-2014-8986: adm_config_report.php filtering does not check config option is valid (dregad).
  • 0017583: [security] CVE-2014-9270: Stored XSS in Mantis (dregad).
  • 0017841: [security] CVE-2014-9089: SQL injection in view_all_set.php (vboctor).
  • 0017811: [security] CVE-2014-9117: CAPTCHA bypass (vboctor).
  • 0017827: [email] Disposable library triggers PHP STRICT warnings (dregad).
  • 0017924: [news] Not possible to set 'announcement' flag when editing News (dregad).

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?version_id=191

Afficher plus de versions


4 Mars 2014 - 22MBThis is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release.
  • 0016940: [news] undefined function db_params() in core/news_api.php (dregad)
  • 0016989: [other] The bug_get_bugnote_count() function in the bug API always returns 0 (atrol)
  • 0017007: [webpage] duplicate 'a' tag (atrol)
  • 0017055: [security] CVE-2014-2238: SQL injection vulnerability in adm_config_report.php (dregad)

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?version_id=189


(version de sécurité)
8 Février 2014 - 22MBThis is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release.
  • 0016879: [security] CVE-2014-1608: soap:Envelope SQL injection attack (dregad).
  • 0016880: [security] CVE-2014-1609: SQL injection vulnerabilities (dregad).
  • 0016513: [security] CVE-2013-4460: XSS in account_sponsor_page.php project names (atrol).
  • 0015770: [security] When $g_limit_reporters = ON; it is still possible to change reporter (dregad).
  • 0014301: [documentation] Add SOAP API documentation in the administration guide (rombert).
  • 0015572: [attachments] diskfile_is_name_unique() can return non-unique filename (dregad).
  • 0015762: [email] email_regex_simple() case sensitive, leading to incorrect e-mail links (dregad).
  • 0015775: [other] Wrong reporter when copying an issue (atrol).
  • 0015777: [other] Wrong value in field "Date Submitted" when copying issues (atrol).
  • 0015791: [other] System notice when json_url() retrieves non-existent member (dregad).
  • 0015807: [api soap] Support standard filters like ones in My View page in SOAP API (vboctor).
  • 0015812: [documentation] Wrong example code for custom validation functions (atrol).
  • 0009936: [api soap] add history information (rombert).
  • 0015496: [attachments] Script to move attachments from db to disk not working (dregad).
  • 0015774: [attachments] Incorrect number of attached files (dregad).
  • 0015893: [email] It should not be possible to reset a user's password if e-mail is blank (dregad).
  • 0015920: [administration] Missing config file causes cli scripts to fail silently (dregad).
  • 0015921: [code cleanup] Temp variables defined in global scope should be unset() after use (dregad).
  • 0015958: [email] Upgrade PHPMailer to 5.2.6 (dregad).
  • 0014543: [email] Emails are not sent to addresses with single subdomain (dregad).
  • 0015953: [email] 'Could not instantiate mail function' error with safe mode=ON (dregad).
  • 0015959: [api soap] SOAP: raw XML when browsing the WSDL (dregad).
  • 0016028: [api soap] Adding note via webservice generates wrong email content for assigned user (rombert).
  • 0016120: [email] Cannot modify Receive Reminder threshold on Manage Threshold Page (atrol).
  • 0009876: [performance] Performance problem with a lot of projects (dregad).
  • 0016174: [tools] Travis CI: set up PHP 5.5 build alongside 5.4 (rombert).
  • 0012955: [attachments] After updating a project documentation the file is damaged (dregad).
  • 0014541: [code cleanup] Remove calls to deprecated functions db_prepare* in "Docs" update page (dregad).
  • 0016126: [tools] Setup integration testing on Travis CI (rombert).
  • 0016158: [api soap] mc_filter_get_issues does not populate monitors fiels for retrieved issues (rombert).
  • 0016187: [administration] Application error on fresh install (dregad).
  • 0016202: [tools] Travis CI: set up PHP 5.3 build (atrol).
  • 0016204: [tools] User Test fails when bugnote_order is not set to default (dregad).
  • 0016205: [tools] Issue History tests fail when history order is descending (dregad).
  • 0016203: [tools] Issue History tests randomly fail (dregad).
  • 0010071: [administration] Manage Workflow Threshold page: 'Who can alter this value' is not saved (dregad).
  • 0012470: [custom fields] Custom fields names aren't translated in several places (dregad).
  • 0012480: [bugtracker] Editing a bug with no assigned user and no access to edit assigned to field shows 'user0' (dregad).
  • 0015790: [other] url_get() cURL should set User Agent (dregad).
  • 0015817: [api soap] SOAP API unit test failures (dregad).
  • 0016175: [tools] Customize Travis notifications (dregad).
  • 0016252: [api soap] API SOAP provides no answer after MantisBT upgrade (rombert).
  • 0016259: [bugtracker] When sorting issues by due_date, unset values should be listed at the end (dregad).
  • 0016337: [administration] Creating the first project on a fresh install causes error 2800 (dregad).
  • 0016340: [db db2] Error 401 for Manage Tags (dregad).
  • 0016341: [db postgresql] Impossible to retrieve attachments from DB with PostgreSQL >= 9.0 (dregad).
  • 0016342: [bugtracker] The g_html_valid_tags_single_line configuration variable seems to be ignored in favor of g_html_valid_tags (dregad).
  • 0016348: [code cleanup] Duplicated code in MantisCoreFormatting (dregad).
  • 0016408: [customization] config_eval() fails on configs that reference array values (vboctor).
  • 0016416: [installation] Improve first login experience by auto-redirecting to create project page (vboctor).
  • 0016431: [installation] Numerous "Invalid argument supplied for foreach()" errors when installing with DB script printed to screen (grangeway).
  • 0016484: [tagging] SOAP: Impossible to attach tags to issues (dregad).
  • 0016485: [api soap] SOAP API test failure for due date (dregad).
  • 0014563: [db oracle] Use of literal SQL statement causes ORA-01704 error when uploading attachments (dregad).
  • 0010873: [roadmap] Change Log/Roadmap do not work with inherited versions. (dregad).
  • 0014458: [other] Track third party libs as github repos (dregad).
  • 0015196: [api soap] Create history entries when creating issues with non-default status and resolution (rombert).
  • 0016376: [customization] Not able to change status without having update issue rights (dregad).
  • 0016420: [preferences] Editing user preferences when no project exists triggers application error 20 (dregad).
  • 0016607: [documentation] Wrong option html_tags in Admin Guide (atrol).
  • 0016767: [upgrade] upgrade_unattended script is no longer working (vboctor).
  • 0016768: [mantistouch] Default mantistouch_url correctly when MantisTouch is installed in 'm' subfolder (vboctor).
  • 0016769: [mantistouch] MantisTouch redirect can break soap api based on user agent sent (vboctor).
  • 0016770: [mantistouch] Redirect from MantisBT issue to MantisTouch should go to the same issue page on MantisTouch (vboctor).
  • 0011785: [code cleanup] Comment for access_compare_level in access_api.php is bogus (atrol).
  • 0015648: [email] add event signalling to email_build_subject() function (dregad).
  • 0015647: [email] email subject is build manually in function email_bug_info_to_one_user() (atrol).
  • 0016706: [plug-ins] Plugin pages can be accessed directly when schema upgrade is needed (dregad).
  • 0016812: [bugtracker] Moving issue to child->child changes category to default (dregad).
  • 0016848: [bugtracker] Remove main page from main menu when news feature is OFF (vboctor).
  • 0006343: [bugtracker] Change status using actiongroup does not send email notifiation (dregad).
  • 0013659: [email] e-mail notification about priority change is not sent when using bug_actiongroup_page.php (dregad).

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?version_id=183


(version de sécurité)
15 Avril 2013 - 22MBMantisBT 1.2.15 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release. Please refer to the release notes for details.
  • 0002971: [bugtracker] Reminders are not added to bug history (dregad) - closed.
  • 0015470: [bugtracker] Reminders recipient list is truncated (dregad) - closed.
  • 0010047: [documentation] Adding new statuses section is missing a step (dregad) - closed.
  • 0010118: [documentation] lang_get_current() returns wrong language if $g_default_language overwritten (dregad) - closed.
  • 0010372: [feature] Don't allow reminders to be sent if the user doesn't have an email address specificed (dregad) - closed.
  • 0013054: [installation] Installer displays a blank page if core.php encounters a critical error (dregad) - closed.
  • 0015357: [bugtracker] uninitialized library path (dregad) - closed.
  • 0015471: [bugtracker] bug_reminder.php does not handle unsent reminders (dregad) - closed.
  • 0015472: [bugtracker] email_bug_reminder() API's return array is always full list of recipients (dregad) - closed.
  • 0015481: [custom fields] Custom fields values are not sorted in the main filter (dregad) - closed.
  • 0015528: [printing] Custom fields user has no access to should not be displayed on print pages (dregad) - closed.
  • 0015538: [bugtracker] Issues list is not displayed when $g_limit_reporters is ON (dregad) - closed.
  • 0015540: [documentation] Wrong example code for custom status translation (atrol) - closed.
  • 0015558: [bugtracker] url_get() does not fall back to other methods when no data is retrieved (dregad) - closed.
  • 0015573: [security] CVE-2013-1883: One query can be issued via current Mantis interface to take down site (dregad) - closed.
  • 0015575: [documentation] Turning on $g_show_queries_list causes Mantis to crash with an error (dregad) - closed.
  • 0015659: [localization] Appears @70@ and @80@ in the list of resolutions in the "view Issues" page when mantis is in catalan. (dregad) - closed.
  • 0015691: [administration] Config report: retrieval of saved project filter from cookie does not work (dregad) - closed.
  • 0015453: [security] CVE-2013-1930: Close button is shown on webpage despite 'close' is not a valid status by workflow (dregad) - closed.
  • 0015511: [security] CVE-2013-1931: XSS vulnerability when deleting a version (atrol) - closed.
  • 0015698: [bugtracker] 'extract() expects parameter 1 to be array, boolean given' in '/srv/www/bugs/account_prof_edit_page.php' line 48 (dregad) - closed.
  • 0015704: [documentation] Wrong description of writing custom_functions (atrol) - closed.
  • 0015744: [bugtracker] Reminder bugnote with list of recipients not added if no text provided (dregad) - closed.
  • 0015451: [api soap] Incorrect invocations of SoapObjectsFactory::newSoapFault (rombert) - closed.
  • 0015517: [api soap] mc_project_get_versions() result can't be parsed by C# (dregad) - closed.
  • 0015522: [api soap] mc_project_get_issues does not report due_date (dregad) - closed.

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?version_id=182


(supplément 1)
4 Avril 2013 - 22MBApplications:
  • Install: Improvements to the install routine to improve compatibility with more PHP configurations.


(version de sécurité)
30 Janvier 2013 - 22MBMantisBT 1.2.14 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are strongly advised to upgrade to this release. Please refer to the release notes for details.
  • 0015415: [security] XSS vulnerability on Configuration Report page (dregad) - closed.
  • 0015416: [security] XSS issue in adm_config_report.php when displaying complex value (dregad) - closed.
  • 0015411: [performance] Huge memory consumption for print_user_option_list() (dregad) - closed.

Lire la suite: http://www.mantisbt.org/bugs/changelog_page.php?version_id=181


11 Novembre 2012 - 22MB


9 Juin 2012 - 22MB


2 Avril 2012 - 22MB


4 Mars 2012 - 21MB


6 Septembre 2011 - 21MB


23 Août 2011 - 16MB


27 Juillet 2011 - 16MB


6 Avril 2011 - 16MB


15 Décembre 2010 - 16MB


14 Octobre 2010 - 16MB

Nos hébergements Web compatibles avec


Uniquement l'hébergement Web

Hébergement Web 100% SSD
100 Go et +
Gestion multisites
Certificats SSL gratuits
Protection Anti-DDoS
10 Go de VOD

En savoir plus

à partir de 5.75 € / mois


L'offre complète Web+Mail

Hébergement Web 100% SSD
100 Go et +
Gestion multisites
Certificats SSL gratuits
Protection Anti-DDoS
10 Go de VOD

Messagerie professionnelle
25 adresses email avec stockage illimité

Messagerie en ligne
Messagerie instantanée
Synchronisation des contacts et agendas

En savoir plus

à partir de 7.42 € / mois

Serveur Cloud


Hébergement Web 100% SSD
100 Go et +
Gestion multisites
Certificats SSL gratuits
Protection Anti-DDoS
10 Go de VOD

2 CPU et +
6 Go de RAM et +
100% SSD
Ressources 100% dédiées

Infomaniak gère votre serveur

En savoir plus

à partir de 29 € / mois

Prix en EUR TTC

Guides utiles

    +41 22 820 35 44

    Du lundi au vendredi de 8h00 à 17h50