Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 567834 (CVE-2015-8477) - www-apps/redmine: cross-site scripting vulnerability
Summary: www-apps/redmine: cross-site scripting vulnerability
Alias: CVE-2015-8477
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa]
Depends on:
Reported: 2015-12-09 11:08 UTC by Agostino Sarubbo
Modified: 2016-01-23 13:16 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-12-09 11:08:38 UTC
From ${URL} :

Please assign a CVE identifier for cross-site scripting vulnerability fixed in
Redmine versions 3.0.0 and 2.6.2 (2015-02-19).

@maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
Comment 1 Manuel Rüger (RETIRED) gentoo-dev 2016-01-17 16:46:30 UTC
Version 2.6.9 added.
Comment 2 Manuel Rüger (RETIRED) gentoo-dev 2016-01-23 13:16:17 UTC
Vulnerable version removed. Closing as NOGLSA.