[Secure-testing-commits] r38095 - data/CVE
Matthias Geerdsen
kosh-guest at moszumanska.debian.org
Thu Dec 3 22:46:58 UTC 2015
Author: kosh-guest
Date: 2015-12-03 22:46:58 +0000 (Thu, 03 Dec 2015)
New Revision: 38095
Modified:
data/CVE/list
Log:
add temp entry for redmine open redirect vulnerability
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-03 22:17:54 UTC (rev 38094)
+++ data/CVE/list 2015-12-03 22:46:58 UTC (rev 38095)
@@ -1,3 +1,9 @@
+CVE-2015-XXXX [Open Redirect vulnerability]
+ - redmine <unfixed>
+ NOTE: http://www.redmine.org/projects/redmine/wiki/Security_Advisories
+ NOTE: https://www.redmine.org/issues/19577 (private)
+ NOTE: commit: https://github.com/redmine/redmine/commit/032f2c9be6520d9d1a1608aa4f1d5d1f184f2472
+ NOTE: upstream fixed in 2.6.7, 3.0.5 and 3.1.1
CVE-2015-XXXX [Issues API may disclose changeset messages that are not visible]
- redmine <unfixed>
NOTE: https://www.redmine.org/projects/redmine/wiki/Changelog_3_0
More information about the Secure-testing-commits
mailing list