UbuntuUpdates.org

Package "redmine"

Name: redmine

Description:

flexible project management web application

Latest version: 3.4.4-1ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: https://www.redmine.org

Links


Download "redmine"


Other versions of "redmine" in Bionic

Repository Area Version
base universe 3.4.4-1
updates universe 3.4.4-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.4.4-1ubuntu0.1 2019-11-26 00:06:20 UTC

  redmine (3.4.4-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: persistent XSS exists due to textile formatting
    - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way
      that html tags are identified to be escaped. (LP: #1853063)
    - CVE-2019-17427
    - https://www.cvedetails.com/cve/CVE-2019-17427/
    - Redmine Defect #31520

 -- Paulo Flabiano Smorigo <email address hidden> Mon, 25 Nov 2019 20:17:10 +0000

1853063 SQL injection and Persistent XSS in textile formatting
CVE-2019-17427 In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors.



About   -   Send Feedback to @ubuntu_updates