[SECURITY] [DLA 1750-1] roundup security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1750-1] roundup security update
From: "Chris Lamb" <lamby@debian.org>
Date: Sun, 07 Apr 2019 08:33:23 -0400
Message-id: <[🔎] f512649e-0012-4f68-8be8-d238182d80cd@www.fastmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : roundup
Version        : 1.4.20-1.1+deb8u2
CVE ID         : CVE-2019-10904

Hanno Böck was discovered that there was a cross-site scripting
(XSS) vulnerability in the web front-end of the roundup issue-
tracking system.

For Debian 8 "Jessie", this issue has been fixed in roundup version
1.4.20-1.1+deb8u2.

We recommend that you upgrade your roundup packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlyp7ZMACgkQHpU+J9Qx
HlgZKxAAwwK/IUgern6W24g0vSS4cq8CYFo1529yxjypRQJSI5SBd0bUnXFO/M5U
ZU9usfMdEM/7jIVYKSj3Fm87PwBKwLxFWHNPMR9leRraooKNNpXUFupSvGllUAgd
1DHjjgjGTXCA8UPzV+1NYNEqxCJluJRpymYKxIY6afDWf7sS3QrC8mLGQWYnVUA+
JnstbhpnMapS+2IzcZe4j9w6xePrd7zehqOFZ9e1Tg77qdLYJoUBAMV/I7aJkRpA
8lAcJV8QVZcCpx+6IUP/iTjUTAalp78xA9+SbqXhT/jJOxLLQg1ycJ8BFfVFpHiY
Z55f3zlZtkV0o/Csd2fdfHWXIcYWtLaOmLjjpexKqUKd0M5vnYC6KsYhr4P8KlOD
jLPrDRj5hq5Sk46PZA+M6ISntO/SHiNJxmpMWpEPlVIuJO4fgeGnK7FQWiaMCVib
9qQdRl/GKjAblRrCDMSTRmGtV0dQT2WV2+ne7hO5uxATLPmTquYmQrFbEo/+xt3K
SRdS3/Ha7Qoh65s9RDF9M1duOW2L2cFS5l+mp0nzcv7Dpe/OX9sQxEgJOtOpFUq2
zSvQKMmT2i6SIF+69LaJY0Ldz6TW2FHA9Tt7tMUiYsTX3vD5LTA8eFnDLM1YUpsW
CPUNTpUAQHf3DhNhQIPvtkM5t7eetUIaz+xJjpX4whgTp0oLQmI=
=wM9T
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1748-1] apache2 security update
Next by Date: [SECURITY] [DLA 1751-1] suricata security update
Previous by thread: [SECURITY] [DLA 1748-1] apache2 security update
Next by thread: [SECURITY] [DLA 1751-1] suricata security update
Index(es):
- Date
- Thread