[SECURITY] [DSA 5699-1] redmine security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5699-1] redmine security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 24 May 2024 16:43:49 +0000
Message-id: <[🔎] ZlDDxTDP48P31Um7@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5699-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 24, 2024                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : redmine
CVE ID         : CVE-2023-47258 CVE-2023-47259 CVE-2023-47260

Multiple cross-site scripting vulnerabilities were found in Redmine,
a project management web application.

For the stable distribution (bookworm), these problems have been fixed in
version 5.0.4-5+deb12u1.

We recommend that you upgrade your redmine packages.

For the detailed security status of redmine please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/redmine

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZQw0gACgkQEMKTtsN8
TjbXDhAAlwLX55/MEXwBGXK2/diyo0jALkcur3+674tfQQGzTDeOzN9LVxJLLSS6
FkgJEv/9bW/EjRpltBR64eqPjJC8JSmiqcEC7YU0paZi4gKyurBBy1F5hI2kHHFN
M9KzjIh44Wak6W/3PtJHw8nClZMG2uJZFiXhqzrR1Gv+NWlFILhNyB1RGzB5hQYr
2/arb7tEj4heXGWtahrbzi7YZS5a0aREK0nQ7y09DCYpvlJTlpt3almGxPJhpbyz
RTwhRMrOTOZJHfwAwxjND2xmblfvkeQxLrNbBBEO9NO18cN69lOMA/sG3haMMkVK
RpZFIaEl+F8t0WIqlAog4JjiivrhkFL3Px4uthuD0HzAzxveHvC9rgqPWUOre2eL
BONo74Wsx5kY+gY7RZyNJRQ7VRk71lRlqAlGSofJ9ckfOincXV8lT7DEEcki42Qh
rx8Fw682z5m+ozyaI0FBK4yiKiZ44bgjIb166paoxhA+H9WiubhR70Z2SMUG2x7I
qktbTa+oboSXOc2zYDFpIa5XWXWJz6OspHBxGE7JF+Zs/eRhxXsAJb/diJB6msgD
GTFAmynvAifcfDHczRqG56AG8jVku4nIGT0Q7INAeukhdWUU5jyqYrcF0UoPa+c+
NW4g5CZNACKjpFAIwo+WJceUMsgVy8ZvIV/IRH12XtslD50K1yM=
=Fejb
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5698-1] ruby-rack security update
Next by Date: [SECURITY] [DSA 5700-1] python-pymysql security update
Previous by thread: [SECURITY] [DSA 5698-1] ruby-rack security update
Next by thread: [SECURITY] [DSA 5700-1] python-pymysql security update
Index(es):
- Date
- Thread