Accepted redmine 3.0~20140825-8~deb8u2 (source all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 19 Mar 2016 20:31:15 -0300
Source: redmine
Binary: redmine redmine-mysql redmine-pgsql redmine-sqlite
Architecture: source all
Version: 3.0~20140825-8~deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Jérémy Lal <kapouer@melix.org>
Changed-By: Antonio Terceiro <terceiro@debian.org>
Description:
redmine - flexible project management web application
redmine-mysql - metapackage providing MySQL dependencies for Redmine
redmine-pgsql - metapackage providing PostgreSQL dependencies for Redmine
redmine-sqlite - metapackage providing sqlite dependencies for Redmine
Closes: 806376 807272 807345 807826
Changes:
redmine (3.0~20140825-8~deb8u2) jessie-security; urgency=high
.
* Security update. Includes fixes for the following vulnerabilities:
- CVE-2015-8346: Data disclosure on the time logging form
(Closes: #806376)
- CVE-02015-8474: open redirect vulnerability
(Closes: #807272)
- CVE-2015-8473: Issues API may disclose changeset messages that are not
visible
(Closes: #807345)
- CVE-2015-8537: Data disclosure in atom feed
(Closes: #807826)
Checksums-Sha1:
e9d262854135764a2629adf598a6bdbd355ae4f9 2294 redmine_3.0~20140825-8~deb8u2.dsc
03ad5b379dc0999f03c41fad9545fac037bf4546 2193559 redmine_3.0~20140825.orig.tar.gz
598d17cab03ab1beb81296183c47109024fd5400 243076 redmine_3.0~20140825-8~deb8u2.debian.tar.xz
67f7492cbd476907af89aa7b888c16639e583085 4653870 redmine_3.0~20140825-8~deb8u2_all.deb
bc8f6c3295ffd013b056bdc9156b1546ab9e9e90 70740 redmine-mysql_3.0~20140825-8~deb8u2_all.deb
71d531067b9775598780f02dbad2c449ba4c6245 70708 redmine-pgsql_3.0~20140825-8~deb8u2_all.deb
e636590af4f6599adc6295b416419c50605c2094 70692 redmine-sqlite_3.0~20140825-8~deb8u2_all.deb
Checksums-Sha256:
8bf344cf9333253ec55e59b68f77af0da5e3dc4406e314b562861ba4f585c3ea 2294 redmine_3.0~20140825-8~deb8u2.dsc
97accde569350973ff9ba1c1ca5118726dd4fb7f1d47526f902c66d0dc88bc68 2193559 redmine_3.0~20140825.orig.tar.gz
8b461d493aa9fb4aa8f0e63b35165b4fe18188f885fc75d1ba133739bd78a340 243076 redmine_3.0~20140825-8~deb8u2.debian.tar.xz
edcce602747d1e9240fcdba65e5040981d90ac49d2f9030cef28c37d2c1295a7 4653870 redmine_3.0~20140825-8~deb8u2_all.deb
70461c0d62acd0198b5441bbfea261fedf564e8762cd8645493e14d6cc27a0c2 70740 redmine-mysql_3.0~20140825-8~deb8u2_all.deb
c0a4d7ade48c6608c7fbbd614c6072816c88577d5155f5270250304251895397 70708 redmine-pgsql_3.0~20140825-8~deb8u2_all.deb
7fa4aae57ba37f94526a47a157b3582d69e9236c29543dd10d89e4bec316c552 70692 redmine-sqlite_3.0~20140825-8~deb8u2_all.deb
Files:
4867f7033ee33c5359ab34e06b589ac1 2294 web extra redmine_3.0~20140825-8~deb8u2.dsc
d40022d37b8b13b3aa4059efd96e33af 2193559 web extra redmine_3.0~20140825.orig.tar.gz
fb95747357eaf9d75f89828d6d4d855f 243076 web extra redmine_3.0~20140825-8~deb8u2.debian.tar.xz
cc207649fcc55b8f3469ab8297e3883f 4653870 web extra redmine_3.0~20140825-8~deb8u2_all.deb
b595c751ea76bce43782d669c649f787 70740 web extra redmine-mysql_3.0~20140825-8~deb8u2_all.deb
dd22331b1b13cae0820fbd7da808967a 70708 web extra redmine-pgsql_3.0~20140825-8~deb8u2_all.deb
0d12d1473c648668c664214503a48f71 70692 web extra redmine-sqlite_3.0~20140825-8~deb8u2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJW7zs5AAoJEPwNsbvNRgve0c0QAIKYMP8AU5dcBY6RTEKZewLp
C92XHE6vj0zBp+SGoJm4x0wc4nQRsuwdcVdtSGXbSsU7cwvuH0ftgZq2YlX9uE2h
7qv20jA5SZKL9vzYvPo0rhHb4QyPOepBUDCqXdRT6Ik6J4bOcQF3D0dDVXHCwUmU
bOvHlOxn0UJibpn9ynb7BS4ZDLUrgzxhOSDWuVr2Lfea1v7XiMGi43n7nXYpmF/0
lwa505gHYs09FTjk2XC396jyL18djDq+/mySZv8/YYbeaYMFK9WSfxAYtwbIqGqZ
jcK3V2tCSDSle+WYUKoMw4U0IzkH/bariyYeaTd03WVKPAHqQTwUABvmrhKVLYTi
G93PAF7T3k3lC6clFsaYuRsn4bjYzsUDLhpGQJCHvysTiacqN1PS+dJpWj1I1W+f
N4s8p36hK+XnE1ddXVNzu4n45JEWZG1pihg2OThaOnS4QyGPZsitHw+WkDhlyjRo
Cv6Hcc218p9Y1Lp9cL9TugrGB3tZ2JlKHs4NIRpSOiP4O04ir7flLFlIg95T/Zho
MEIRFcc85mwzS/VznX4dog5EgHtfR6+KsA5U+Wd3FmYAbPur+GfjrrctFCyciqFt
GxudeoXkEfnLAkcbx451EMdnYug4JPX87gnFJJBrS1YPTt80vlvxnB2HmGVP0CyE
hduAi4luiuXIjJYKSLP9
=mAhI
-----END PGP SIGNATURE-----
Reply to: