Hash: SHA512
-
-------------------------------------------------------------------------
Debian Security Advisory DSA-4574-1
https://www.debian.org/security/ Moritz Muehlenhoff
November 19, 2019 https://www.debian.org/security/faq
-
-------------------------------------------------------------------------
Package : redmine
CVE ID : CVE-2019-17427 CVE-2019-18890
Hoger Just discovered an SQL injection in Redmine, a project
management
web application. In addition a cross-site scripting issue was found
in
Textile formatting.
For the oldstable distribution (stretch), these problems have
been fixed
in version 3.3.1-4+deb9u3.
We recommend that you upgrade your redmine packages.
For the detailed security status of redmine please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/redmine
Further information about Debian Security Advisories, how to
apply
these updates to your system and frequently asked questions can
be
found at: https://www.debian.org/security/
Mailing list:
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3UPCQACgkQEMKTtsN8
TjZ77w//e2PlXzfRWNeBvzsxuDQgxe5T/r2DPfWV0HL1Pns8+zq/PRfKIMILEUEx
Nru32E25B7ulc732WZn6/AzEwZ4TBzUZcVfbOBl9OAWZakH+8p9PDByVLKlyfxpY
FqxLbNBzIv1gHYIEBkoRtj1IF7xkiQKCuCqOkE5/Zt9q8b5bb4z+XoFLwIhpeFqi
rA7Ae6tUjs0YxcahL2IbcwvqRGmwesdecBDJ5TFL41+noTkTsr7KfRjTfw+lSHr+
0Zd3+EdxIF1/A2XalozQsp1Z6XIWo4p7BBv55tMQy0OENEZ2/DRrPykOY5hcqMLq
LKMksamYIYqDHhw9Zsedwq+ao0dV8yxYS8Pu+527qEs/Ie0A+zcLXgUCdy+i/SJ8
o3JaEtMyL9VlgT8wx7kq5A6ext91SLuBEJ9WcFOoJTi2AqLYqZm2n3pMb2YKFh1q
W2arhxuZwlu2ymbQDxy/RrFdVBLq7EyrKFf6nZqJAbRNBvq+kCeozbrYBcrTYl9B
IBTLGngcZj058JXbHFAoLc/vR1LquTNClousSqIeEpqcSBC6oENLwTus1b4OeDLJ
WJ64MCj9Bd/YEJTcJ8EDzWCvukn9UdSc7t2uYIW996uwe30nCp8Ewk9JdkUkCtUD
gb2TG6/IxfVLaO3sptmbbkPE+NmlplNoySQHD2YYSH3EOOT9xUY=S7b3
-----END PGP SIGNATURE-----
Read more https://packetstormsecurity.com/files/155408/dsa-4574-1.txt