Debian Package Tracker
Register | Log in
Subscribe

redmine

flexible project management web application

Choose email to subscribe with

general
  • source: redmine (main)
  • version: 4.0.7-1
  • maintainer: Debian Ruby Extras Maintainers (archive) (DMD)
  • uploaders: Lucas Kanashiro [DMD] – Marc Dequènes (Duck) [DMD] – Jérémy Lal [DMD]
  • arch: all
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • oldstable: 3.3.1-4+deb9u3
  • old-sec: 3.3.1-4+deb9u3
  • stable-bpo: 4.0.7-1~bpo10+1
  • unstable: 4.0.7-1
versioned links
  • 3.3.1-4+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.0.7-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.0.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • redmine (9 bugs: 1, 4, 4, 0)
  • redmine-mysql
  • redmine-pgsql
  • redmine-sqlite
action needed
A new upstream version is available: 4.2.0 high
A new upstream version 4.2.0 is available, you should consider packaging it.
Created: 2020-06-29 Last update: 2021-04-20 19:31
6 security issues in stretch high

There are 6 open security issues in stretch.

6 important issues:
  • CVE-2019-25026: Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting.
  • CVE-2020-36306: Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field.
  • CVE-2020-36307: Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links.
  • CVE-2020-36308: Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries.
  • CVE-2021-30163: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.
  • CVE-2021-30164: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.
Created: 2021-04-06 Last update: 2021-04-12 11:02
2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:
  • CVE-2021-30163: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.
  • CVE-2021-30164: Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.
Created: 2021-04-06 Last update: 2021-04-12 11:02
The package has not entered testing even though the delay is over normal
The package has not entered testing even though the 20-day delay is over. Check why.
Created: 2020-09-03 Last update: 2021-04-20 23:34
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-04-20 23:32
Depends on packages which need a new maintainer normal
The packages that redmine depends on which need a new maintainer are:
  • raphael (#895407)
    • Depends: libjs-raphael
Created: 2019-11-22 Last update: 2021-04-20 22:06
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 95004a92c4c39b6ded8cd30c89179f14f1208d00
Author: Cédric Boutillier <boutil@debian.org>
Date:   Tue Sep 1 13:31:32 2020 +0000

    [ci skip] Update team name
Created: 2020-09-01 Last update: 2021-04-16 13:37
piuparts found (un)installation error(s) normal
Piuparts stresses package installation, uninstallation, upgrade, ... While doing such tests, one or more errors were found for the following suites:
  • sid - piuparts
You should fix them.
Created: 2021-03-24 Last update: 2021-03-24 15:45
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-17 05:41
testing migrations
  • excuses:
    • Migration status for redmine (- to 4.0.7-1): BLOCKED: Rejected/violates migration policy/introduces a regression
    • Issues preventing migration:
    • Updating redmine introduces new bugs: #969206
    • Rejected due to piuparts regression - https://piuparts.debian.org/sid/source/r/redmine.html
    • autopkgtest for redmine/4.0.7-1: amd64: Pass, arm64: Pass, armhf: Regression ♻ , i386: Regression ♻ , ppc64el: Regression ♻
    • blocked by freeze: is not in testing
    • Additional info:
    • 365 days old (needed 20 days)
    • Not considered
news
[rss feed]
  • [2020-09-04] redmine REMOVED from testing (Debian testing watch)
  • [2020-05-02] Accepted redmine 4.0.7-1~bpo10+1 (source) into buster-backports (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2020-04-23] redmine 4.0.7-1 MIGRATED to testing (Debian testing watch)
  • [2020-04-20] Accepted redmine 4.0.7-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2020-02-15] redmine 4.0.6-2 MIGRATED to testing (Debian testing watch)
  • [2020-02-12] Accepted redmine 4.0.6-2 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2020-02-06] Accepted redmine 4.0.6-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2020-01-27] Accepted redmine 4.0.4-3~bpo10+1 (source all) into buster-backports, buster-backports (Lucas Kanashiro)
  • [2019-11-24] Accepted redmine 3.3.1-4+deb9u3 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Lucas Kanashiro)
  • [2019-11-19] Accepted redmine 3.3.1-4+deb9u3 (source all) into oldstable->embargoed, oldstable (Lucas Kanashiro)
  • [2019-09-12] redmine 4.0.4-3 MIGRATED to testing (Debian testing watch)
  • [2019-09-09] Accepted redmine 4.0.4-3 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2019-09-06] Accepted redmine 4.0.4-2 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2019-08-17] Accepted redmine 4.0.4-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2019-04-15] Accepted redmine 4.0.1-2 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2019-02-18] Accepted redmine 4.0.1-1 (source) into unstable (Lucas Kanashiro)
  • [2019-02-06] redmine REMOVED from testing (Debian testing watch)
  • [2018-09-27] redmine 3.4.6-1 MIGRATED to testing (Debian testing watch)
  • [2018-07-31] Accepted redmine 3.4.6-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2018-06-03] Accepted redmine 3.3.1-4+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
  • [2018-06-03] Accepted redmine 3.3.1-4+deb9u2 (source) into stable->embargoed, stable (Salvatore Bonaccorso)
  • [2018-05-07] Accepted redmine 3.3.1-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Lucas Kanashiro)
  • [2018-05-03] Accepted redmine 3.3.1-4+deb9u1 (source all) into stable->embargoed, stable (Lucas Kanashiro)
  • [2018-04-15] Accepted redmine 3.4.5-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2018-04-02] Accepted redmine 3.4.4-1 (source all) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2017-11-20] Accepted redmine 3.4.2-1 (source) into unstable (Marc Dequènes (Duck)) (signed by: Marc Dequènes)
  • [2017-09-03] redmine REMOVED from testing (Debian testing watch)
  • [2017-03-15] redmine 3.3.1-4 MIGRATED to testing (Debian testing watch)
  • [2017-03-12] Accepted redmine 3.3.1-4 (source) into unstable (Antonio Terceiro)
  • [2017-02-19] redmine 3.3.1-3 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 8 9
  • RC: 1
  • I&N: 4
  • M&W: 3 4
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian
  • buildd: logs, clang
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (95, -)
  • debci

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing