[Git][security-tracker-team/security-tracker][master] Add new redmine issues

Salvatore Bonaccorso carnil at debian.org
Tue Apr 6 21:22:47 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2aec5129 by Salvatore Bonaccorso at 2021-04-06T22:22:23+02:00
Add new redmine issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,9 +29,11 @@ CVE-2021-30166
 CVE-2021-30165
 	RESERVED
 CVE-2021-30164 (Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass ...)
-	TODO: check
+	- redmine <unfixed>
+	TODO: check fixing commit, fixed in 4.0.8
 CVE-2021-30163 (Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discov ...)
-	TODO: check
+	- redmine <unfixed>
+	TODO: check fixing commit, fixed in 4.0.8
 CVE-2021-30162 (An issue was discovered on LG mobile devices with Android OS 4.4 throu ...)
 	NOT-FOR-US: LG mobile devices
 CVE-2021-30161 (An issue was discovered on LG mobile devices with Android OS 11 softwa ...)
@@ -55,13 +57,17 @@ CVE-2021-23158
 CVE-2020-36309 (ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty ...)
 	TODO: check
 CVE-2020-36308 (Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discov ...)
-	TODO: check
+	- redmine 4.0.7-1
+	TODO: check fixing commit, fixed in 4.0.7
 CVE-2020-36307 (Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile ...)
-	TODO: check
+	- redmine 4.0.7-1
+	TODO: check fixing commit, fixed in 4.0.7
 CVE-2020-36306 (Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url f ...)
-	TODO: check
+	- redmine 4.0.7-1
+	TODO: check fixing commit, fixed in 4.0.7
 CVE-2019-25026 (Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data duri ...)
-	TODO: check
+	- redmine 4.0.6-1
+	TODO: check fixing commit, fixed in 4.0.6
 CVE-2021-30160
 	RESERVED
 CVE-2021-30159



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aec51292b89493873214092d0c056ec874a391c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aec51292b89493873214092d0c056ec874a391c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210406/275a6c2a/attachment.htm>

More information about the debian-security-tracker-commits mailing list