Redmine 6.0.4, 5.1.7 and 5.0.12 released (security fixes)
We have released new maintenance updates, Redmine version:6.0.4, version:5.1.7 and version:5.0.12.
These 3 maintenance releases are available for Download , you can review the changes in the Changelog .
- 2 XSS vulnerabilities
- Project query leaks details of private projects
- /my/account does not correctly enforce sudo mode
- Update Nokogiri to 1.18.3 to address CVE-2025-24928 and CVE-2024-56171
You can review them in Security Advisories .
Beside the security issues, #42245 is now fixed also on version:5.1.7.
Thank you to everyone who contributed to the releases and special thanks to Holger Just for handling all these security issues.
点赞0
评论