You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa redmine

Sigurnosni nedostaci programskog paketa redmine

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4574-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 19, 2019 https://www.debian.org/security/faq
– ————————————————————————-

Package : redmine
CVE ID : CVE-2019-17427 CVE-2019-18890

Hoger Just discovered an SQL injection in Redmine, a project management
web application. In addition a cross-site scripting issue was found in
Textile formatting.

For the oldstable distribution (stretch), these problems have been fixed
in version 3.3.1-4+deb9u3.

We recommend that you upgrade your redmine packages.

For the detailed security status of redmine please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/redmine

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3UPCQACgkQEMKTtsN8
TjZ77w//e2PlXzfRWNeBvzsxuDQgxe5T/r2DPfWV0HL1Pns8+zq/PRfKIMILEUEx
Nru32E25B7ulc732WZn6/AzEwZ4TBzUZcVfbOBl9OAWZakH+8p9PDByVLKlyfxpY
FqxLbNBzIv1gHYIEBkoRtj1IF7xkiQKCuCqOkE5/Zt9q8b5bb4z+XoFLwIhpeFqi
rA7Ae6tUjs0YxcahL2IbcwvqRGmwesdecBDJ5TFL41+noTkTsr7KfRjTfw+lSHr+
0Zd3+EdxIF1/A2XalozQsp1Z6XIWo4p7BBv55tMQy0OENEZ2/DRrPykOY5hcqMLq
LKMksamYIYqDHhw9Zsedwq+ao0dV8yxYS8Pu+527qEs/Ie0A+zcLXgUCdy+i/SJ8
o3JaEtMyL9VlgT8wx7kq5A6ext91SLuBEJ9WcFOoJTi2AqLYqZm2n3pMb2YKFh1q
W2arhxuZwlu2ymbQDxy/RrFdVBLq7EyrKFf6nZqJAbRNBvq+kCeozbrYBcrTYl9B
IBTLGngcZj058JXbHFAoLc/vR1LquTNClousSqIeEpqcSBC6oENLwTus1b4OeDLJ
WJ64MCj9Bd/YEJTcJ8EDzWCvukn9UdSc7t2uYIW996uwe30nCp8Ewk9JdkUkCtUD
gb2TG6/IxfVLaO3sptmbbkPE+NmlplNoySQHD2YYSH3EOOT9xUY=
=S7b3
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa OpenShift Container Platform

Otkriveni su sigurnosni nedostaci u programskom paketu OpenShift Container Platform za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju zaobilaženje...

Close