redmine - Debian Package Tracker

general

source: redmine (main)
version: 4.0.7-1
maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
uploaders: Lucas Kanashiro [DMD] – Marc Dequènes (Duck) [DMD] – Jérémy Lal [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 3.3.1-4+deb9u3
old-sec: 3.3.1-4+deb9u3
stable-bpo: 4.0.7-1~bpo10+1
unstable: 4.0.7-1

versioned links

3.3.1-4+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.0.7-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.0.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

redmine (9 bugs: 1, 4, 4, 0)
redmine-mysql
redmine-pgsql
redmine-sqlite

action needed

A new upstream version is available: 4.2.0 high

A new upstream version 4.2.0 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-04-20 19:31

6 security issues in stretch high

There are 6 open security issues in stretch.

6 important issues:

CVE-2019-25026: Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting.
CVE-2020-36306: Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field.
CVE-2020-36307: Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links.
CVE-2020-36308: Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries.
CVE-2021-30163: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.
CVE-2021-30164: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.

Created: 2021-04-06 Last update: 2021-04-12 11:02

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2021-30163: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.
CVE-2021-30164: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.

Created: 2021-04-06 Last update: 2021-04-12 11:02

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 20-day delay is over. Check why.

Created: 2020-09-03 Last update: 2021-04-20 23:34

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-04-20 23:32

Depends on packages which need a new maintainer normal

The packages that redmine depends on which need a new maintainer are:

raphael (#895407)
- Depends: libjs-raphael

Created: 2019-11-22 Last update: 2021-04-20 22:06

1 new commit since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 95004a92c4c39b6ded8cd30c89179f14f1208d00
Author: Cédric Boutillier <boutil@debian.org>
Date:   Tue Sep 1 13:31:32 2020 +0000

    [ci skip] Update team name

Created: 2020-09-01 Last update: 2021-04-16 13:37

piuparts found (un)installation error(s) normal

Piuparts stresses package installation, uninstallation, upgrade, ... While doing such tests, one or more errors were found for the following suites:

sid - piuparts

You should fix them.

Created: 2021-03-24 Last update: 2021-03-24 15:45

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

testing migrations

excuses:
- Migration status for redmine (- to 4.0.7-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating redmine introduces new bugs: #969206
- Rejected due to piuparts regression - https://piuparts.debian.org/sid/source/r/redmine.html
- autopkgtest for redmine/4.0.7-1: amd64: Pass, arm64: Pass, armhf: Regression ♻ , i386: Regression ♻ , ppc64el: Regression ♻
- blocked by freeze: is not in testing
- Additional info:
- 365 days old (needed 20 days)
- Not considered

news

[rss feed]

[2020-09-04] redmine REMOVED from testing (Debian testing watch)
[2020-05-02] Accepted redmine 4.0.7-1~bpo10+1 (source) into buster-backports (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2020-04-23] redmine 4.0.7-1 MIGRATED to testing (Debian testing watch)
[2020-04-20] Accepted redmine 4.0.7-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2020-02-15] redmine 4.0.6-2 MIGRATED to testing (Debian testing watch)
[2020-02-12] Accepted redmine 4.0.6-2 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2020-02-06] Accepted redmine 4.0.6-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2020-01-27] Accepted redmine 4.0.4-3~bpo10+1 (source all) into buster-backports, buster-backports (Lucas Kanashiro)
[2019-11-24] Accepted redmine 3.3.1-4+deb9u3 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Lucas Kanashiro)
[2019-11-19] Accepted redmine 3.3.1-4+deb9u3 (source all) into oldstable->embargoed, oldstable (Lucas Kanashiro)
[2019-09-12] redmine 4.0.4-3 MIGRATED to testing (Debian testing watch)
[2019-09-09] Accepted redmine 4.0.4-3 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2019-09-06] Accepted redmine 4.0.4-2 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2019-08-17] Accepted redmine 4.0.4-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2019-04-15] Accepted redmine 4.0.1-2 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2019-02-18] Accepted redmine 4.0.1-1 (source) into unstable (Lucas Kanashiro)
[2019-02-06] redmine REMOVED from testing (Debian testing watch)
[2018-09-27] redmine 3.4.6-1 MIGRATED to testing (Debian testing watch)
[2018-07-31] Accepted redmine 3.4.6-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2018-06-03] Accepted redmine 3.3.1-4+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2018-06-03] Accepted redmine 3.3.1-4+deb9u2 (source) into stable->embargoed, stable (Salvatore Bonaccorso)
[2018-05-07] Accepted redmine 3.3.1-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Lucas Kanashiro)
[2018-05-03] Accepted redmine 3.3.1-4+deb9u1 (source all) into stable->embargoed, stable (Lucas Kanashiro)
[2018-04-15] Accepted redmine 3.4.5-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2018-04-02] Accepted redmine 3.4.4-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2017-11-20] Accepted redmine 3.4.2-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
[2017-09-03] redmine REMOVED from testing (Debian testing watch)
[2017-03-15] redmine 3.3.1-4 MIGRATED to testing (Debian testing watch)
[2017-03-12] Accepted redmine 3.3.1-4 (source) into unstable (Antonio Terceiro)
[2017-02-19] redmine 3.3.1-3 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 8 9
RC: 1
I&N: 4
M&W: 3 4
F&P: 0
patch: 1

links

homepage
lintian
buildd: logs, clang
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (95, -)
debci