-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 18 Nov 2019 18:46:42 -0300 Source: redmine Binary: redmine redmine-mysql redmine-pgsql redmine-sqlite Architecture: source all Version: 3.3.1-4+deb9u3 Distribution: stretch-security Urgency: high Maintainer: Antonio Terceiro <terceiro@debian.org> Changed-By: Lucas Kanashiro <lucas.kanashiro@canonical.com> Description: redmine - flexible project management web application redmine-mysql - metapackage providing MySQL dependencies for Redmine redmine-pgsql - metapackage providing PostgreSQL dependencies for Redmine redmine-sqlite - metapackage providing sqlite dependencies for Redmine Changes: redmine (3.3.1-4+deb9u3) stretch-security; urgency=high . * Fix CVE-2019-17427: persistent XSS exists due to textile formatting errors. * Fix CVE-2019-18890: SQL injection vulnerability Checksums-Sha1: 66f38263cfa69c6e25c192150589a51a0f0643d5 2838 redmine_3.3.1-4+deb9u3.dsc 2845e0111a25f0275514ec2a966e23657b9aa35f 2350320 redmine_3.3.1.orig.tar.gz 7ce70d55714f2167e085f59e617fd861dea5af37 249540 redmine_3.3.1-4+deb9u3.debian.tar.xz 160c655e3e973fc34d627cec7cfd0db404a99257 87760 redmine-mysql_3.3.1-4+deb9u3_all.deb d8504b7698466cc48ea54ad6f3112c9ec474314a 87734 redmine-pgsql_3.3.1-4+deb9u3_all.deb 06332aefd98a0cee1795c0764c48c1f61c8e1469 87708 redmine-sqlite_3.3.1-4+deb9u3_all.deb c0a9bb4be5a42e42dc9c858ed022253123ca371f 1222852 redmine_3.3.1-4+deb9u3_all.deb c9c5fa727585161c172ea22a1144fd334ec8cb9f 10478 redmine_3.3.1-4+deb9u3_amd64.buildinfo Checksums-Sha256: 49b8db906dea33bf45c17dada5e58474dd72794f553f0e6f01621728350c0b7f 2838 redmine_3.3.1-4+deb9u3.dsc 89c5a3ee1d1a3a956795fe253e4dc0c5de886f5495ddb2a0f8b6634a104c07c8 2350320 redmine_3.3.1.orig.tar.gz fa4267410ff86f244d82bc5afdf7a20bcb506875c6b89bae8d35a8e587c577e9 249540 redmine_3.3.1-4+deb9u3.debian.tar.xz bd1529843eb258ab186121132477ba7ad25ee65e47100994b1130c1b33fe0155 87760 redmine-mysql_3.3.1-4+deb9u3_all.deb 958acdcb969b659b7029b2c709c9aa8c13a67fbd667afb8007ad055b2d31ea57 87734 redmine-pgsql_3.3.1-4+deb9u3_all.deb e6b9f05139a0f24a23b8943ecd6bc8c72701295afbec3b243623094c294de068 87708 redmine-sqlite_3.3.1-4+deb9u3_all.deb 58d5e514e9bee84d219ba4a4943a18fb71a693fb36ba0c0ee1f138e13d17eb21 1222852 redmine_3.3.1-4+deb9u3_all.deb c3757611a961eb247e36477f0f0a193888a3ce4875e8e9b9c94bf594ea181db0 10478 redmine_3.3.1-4+deb9u3_amd64.buildinfo Files: cfd3980c00e8786286840f7089723858 2838 web extra redmine_3.3.1-4+deb9u3.dsc bfa69f3bb3d1792d7a503e0d0c940349 2350320 web extra redmine_3.3.1.orig.tar.gz 40daaa2099c88c25b79dc58724d9e155 249540 web extra redmine_3.3.1-4+deb9u3.debian.tar.xz 6cf7ee16e62939b7bbf28aabcd4e6235 87760 web extra redmine-mysql_3.3.1-4+deb9u3_all.deb 6db88dff5678032ea7cf90430e8868e2 87734 web extra redmine-pgsql_3.3.1-4+deb9u3_all.deb 1c462409ed0540517ebdda9766e6a4b2 87708 web extra redmine-sqlite_3.3.1-4+deb9u3_all.deb 34ad5b240399bb5de0d66b502a413b8a 1222852 web extra redmine_3.3.1-4+deb9u3_all.deb fb586a08d7763deb6bf083136838169b 10478 web extra redmine_3.3.1-4+deb9u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJSBAEBCAA8FiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAl3TEyMeHGx1Y2FzLmth bmFzaGlyb0BjYW5vbmljYWwuY29tAAoJEPgjonKYg8l8PDwP/0y2+QCMzlv0Ymte OUvlmhpUW07ug2+fuR3t9+N9x/dtXRfqn+Zzqa61uFYJL967ZWUrjSiwh8NQR4O+ rKjoKd+oTu76VChAaecz/QWKbrDx1pgASuE+rbJpS+DT/zf2zpaPDSdi0zWQ4lWu cfZAESB3lvpRTcwN6WvDOw386v6cDKAbd3KfjOm9B6uHLuRKOMTna0Fl/8mUk2ld 4M/mkD7QA+RVKhR/D1I4YpQIZmexRH0qm8BqNnYHYwRXb9A7mdX0/uZGb6GdSyHv MBjPle3DHt1tZZMI8a/WxN4/RXtR3nxNTSWjIWBLAI+461z41dbRX2VW2/eyuO55 6CCAUDKZ+vm/VZBD777JUAOvsQZh9EDv9F30T/RRQvQDX2E4isb4wjht/2HrC+fO SuQ0XKHZZDb15te+VUWbThB7aU2wUv6JKdw3HFMh1aPLaF9eTo/kJ6f+JVAmG0kp tDRi8jmMwBqc5O0iL5I0S8elVIvW7CBfgnFqmD8+de+NArnKlaD2Fd82O65PNrZw Wq1TKzLrHuOJTorC/3wyylGkabMd/CAehiKPLvm7nEul+Kv79pLk35v6MkV6+Uun p+5Dtfu2AFg1isLPuC2srUs9VEGKFmqwENaImyt07wwh6ZlmkuGUybCawwVeBp/V S7arhqBRS7R8JZsb8ZHoUVnqa5Ue =yBuG -----END PGP SIGNATURE-----
