oss-sec mailing list archives

CVE request - Redmine: open redirect vulnerability (fixed earlier this year)

From: Matthias Geerdsen <matthias () vorlons info>
Date: Thu, 03 Dec 2015 23:26:32 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

please assign a CVE ID for an open redirect vulnerability fixed
in the Redmine releases 2.6.7, 3.0.5 and 3.1.1 [1,2]. Commit can be
found at [3], the ticket is still private [4].

Cheers
Matthias

[1] <http://www.redmine.org/news/101>
[2] <http://www.redmine.org/projects/redmine/wiki/Security_Advisories>
[3]
<https://github.com/redmine/redmine/commit/032f2c9be6520d9d1a1608aa4f1d5d1f184f2472>
[4] <https://www.redmine.org/issues/19577>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWYMGUAAoJEDVYuxv9Aw7qNSsH/2Iwpxy3Rwj1m63zIWdvUOMv
VpQ1DUF3jGW6g378R5XhDzfiJ3E6vi0BLfzZ026JItaxcHG7OzbNGPobuxDIfjmH
c68/W2lZ7pMfBkIDyg4qCzNJFm4bjdzQdMWY2syVwP4hZoWrZIHbwWonbcMGXeXc
u9oGi6cpm0FOpVCOu6bzcYRRhIwcm3M7NtKPmdKS3Cwr00rlh0Iae4Ie+pP6H8nE
0fHoB6xa2xwQZ8+cDvgtGqwQvZQlHLB9r0lFSKC/OWjdO3eZPToYBhNwp57FECuF
Bo+CDK1XJH11lLxzNc8hXtaLeF3pYh/DZRFJFrLLO7OLOTIvHZ95jObmbSsJoDU=
=wuHV
-----END PGP SIGNATURE-----

Current thread:

CVE request - Redmine: open redirect vulnerability (fixed earlier this year) Matthias Geerdsen (Dec 03)
- Re: CVE request - Redmine: open redirect vulnerability (fixed earlier this year) cve-assign (Dec 04)