[DRE-maint] Bug#608397: redmine: security issues in 1.0.1 (fixed in 1.0.5)

Thijs Kinkhorst thijs at debian.org
Wed Feb 23 17:39:58 UTC 2011


Hi Jérémy,

On Wednesday 23 February 2011 15:04:10 Jérémy Lal wrote:
> Redmine package 1.0.1-1 is affected by several security issues :
> * Info leak in journals controller
> * Persistent XSS in wiki
> * Command Execution in SCM adapter

Thanks. We've taken note of the issue (RT 3009) and someone from the team will 
tend to it as soon as possible.


Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20110223/d2fdec8c/attachment.pgp>


More information about the Pkg-ruby-extras-maintainers mailing list