| Summary: | www-apps/redmine: Multiple vulnerabilties | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sam James <sam> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | trivial | CC: | azamat.hackimov, proxy-maint |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | ~4 [ebuild] | ||
| Package list: | Runtime testing required: | --- | |
We'll use the other one given it's got the CVE. *** This bug has been marked as a duplicate of bug 817917 *** |
From the 4.1.5 and 4.2.3 release notes: ``` [Security] Defect #35789: Redmine is leaking usernames on activities index view Patch #35463: Enforce stricter class filtering in WatchersController ``` https://www.redmine.org/projects/redmine/wiki/Changelog_4_2 https://www.redmine.org/projects/redmine/wiki/Changelog_4_1