Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 817686

Summary: www-apps/redmine: Multiple vulnerabilties
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: trivial CC: azamat.hackimov, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~4 [ebuild]
Package list:
Runtime testing required: ---

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-10-11 03:31:41 UTC
From the 4.1.5 and 4.2.3 release notes:
```
[Security]
    Defect #35789: Redmine is leaking usernames on activities index view
    Patch #35463: Enforce stricter class filtering in WatchersController
```

https://www.redmine.org/projects/redmine/wiki/Changelog_4_2
https://www.redmine.org/projects/redmine/wiki/Changelog_4_1
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-10-13 01:59:03 UTC
We'll use the other one given it's got the CVE.

*** This bug has been marked as a duplicate of bug 817917 ***