[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 351-1] redmine security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : redmine
Version        : 1.0.1-2+deb6u11
CVE ID         : CVE-2015-8346

It was discovered that there was a data disclosure vulnerability in
Redmine, a web-based bug and project management tool.

The time logging form could disclose subjects of issues that are not
visible/public. Patch by Holger Just.

For Debian 6 Squeeze, this issue has been fixed in redmine version
1.0.1-2+deb6u11.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWVtyGAAoJEB6VPifUMR5YjasP/34a74PHg0UTr7pxjhTA2a+e
mKeD/rxdB0SYqucQ9PCyATcGdnRoXt0RkbJFRWK70BOUNM2vYFdOj5Kh8zj/exma
ziMUlvT84GpSB/2q04t3L6HbDe0wYBQig9+QHUvvDLmJzCfTmtqwXg4+RPOJiffo
0myuL9DkKoS/uExOpC9vbPEYpEiVq0tHIZbVN/SxC0RdwEso6pjN3qbQSiq8D/hM
fZK+9MOKva+nDJS0MF2riqmAIz7JRrkUiLPJDQMmwhjXWlOB5R7/esFl1SQbW17p
Tl7v+JZjLIBrhYj6wdd0bQ75svEhwte+SmY/IYuAPNwIlGQVoAyyUyk39y2dhiHo
f2FgfeuMVu/H5ofxYpUZRREfCuzAuB0Q22Un3l5ugG9LDLPz0qv9OeNsNSqxNJsw
diO6I83RV756acyX2xCVWnW5bJ5CwaJ8Ti9q/ixNvKojD2HzZAObZR2WHLtP0FnJ
ARW5WNNYxnrmBpPX8anfg+/JqRrEemDCorFhP+CVFnXR5xEGXxPAUKv4bwJWDlpl
0uepVogH+JTHIWIInanz12K9jNSu7dkIbk/7OK78/MDbQv8DMLoFsKjlftnhaPrX
uw1Yc0G04J88nPLZtVJPjGLgiTEotS8MwaTsJdpxKCNLM9zB0DNOnM6w03eRYmGF
Pco0R4xw3wWkxevta494
=DNhk
-----END PGP SIGNATURE-----
Reply to: