redmine vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
Several security issues were fixed in redmine.
Software Description
It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. (CVE-2019-17427)
It was discovered that an SQL injection could allow users to access protected information via a crafted object query. (CVE-2019-18890)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04
redmine - 4.0.1-2ubuntu0.1
redmine-mysql - 4.0.1-2ubuntu0.1
redmine-pgsql - 4.0.1-2ubuntu0.1
redmine-sqlite - 4.0.1-2ubuntu0.1
Ubuntu 18.04 LTS
redmine - 3.4.4-1ubuntu0.1
redmine-mysql - 3.4.4-1ubuntu0.1
redmine-pgsql - 3.4.4-1ubuntu0.1
redmine-sqlite - 3.4.4-1ubuntu0.1
Ubuntu 16.04 LTS
redmine - 3.2.1-2ubuntu0.2
redmine-mysql - 3.2.1-2ubuntu0.2
redmine-pgsql - 3.2.1-2ubuntu0.2
redmine-sqlite - 3.2.1-2ubuntu0.2
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
Continue reading...
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Several security issues were fixed in redmine.
Software Description
- redmine - flexible project management web application
It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. (CVE-2019-17427)
It was discovered that an SQL injection could allow users to access protected information via a crafted object query. (CVE-2019-18890)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04
redmine - 4.0.1-2ubuntu0.1
redmine-mysql - 4.0.1-2ubuntu0.1
redmine-pgsql - 4.0.1-2ubuntu0.1
redmine-sqlite - 4.0.1-2ubuntu0.1
Ubuntu 18.04 LTS
redmine - 3.4.4-1ubuntu0.1
redmine-mysql - 3.4.4-1ubuntu0.1
redmine-pgsql - 3.4.4-1ubuntu0.1
redmine-sqlite - 3.4.4-1ubuntu0.1
Ubuntu 16.04 LTS
redmine - 3.2.1-2ubuntu0.2
redmine-mysql - 3.2.1-2ubuntu0.2
redmine-pgsql - 3.2.1-2ubuntu0.2
redmine-sqlite - 3.2.1-2ubuntu0.2
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
Continue reading...
