[ubuntu/disco-security] redmine 4.0.1-2ubuntu0.1 (Accepted)
Paulo Flabiano Smorigo
pfsmorigo at canonical.com
Mon Nov 25 23:20:32 UTC 2019
redmine (4.0.1-2ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: persistent XSS exists due to textile formatting
- debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way
that html tags are identified to be escaped. (LP: #1853063)
- CVE-2019-17427
- https://www.cvedetails.com/cve/CVE-2019-17427/
- Redmine Defect #31520
Date: 2019-11-25 21:49:23.917163+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
https://launchpad.net/ubuntu/+source/redmine/4.0.1-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list