oss-sec mailing list archives
CVE request: Redmine - Data disclosure in atom feed
From: Matthias Geerdsen <matthias () vorlons info>
Date: Tue, 8 Dec 2015 21:31:42 +0100
Hi, please assign a CVE ID a data disclosure issue fixed in the latest Redmine Releases (2.6.9, 3.0.7 and 3.1.3) [1,2,3,4]. Changelogs are mentioning a private ticket [5]. The relevant commit should be this one [6]. Cheers Matthias [1] http://www.redmine.org/projects/redmine/wiki/Changelog_3_1 [2] http://www.redmine.org/projects/redmine/wiki/Changelog_3_0 [3] http://www.redmine.org/projects/redmine/wiki/Changelog_2_6 [4] http://www.redmine.org/news/103 [5] http://www.redmine.org/issues/21419 [6] <https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56> http://www.redmine.org/projects/redmine/wiki/Security_Advisories
Current thread:
- CVE request: Redmine - Data disclosure in atom feed Matthias Geerdsen (Dec 08)
- Re: CVE request: Redmine - Data disclosure in atom feed cve-assign (Dec 09)