项目

一般

简介

Redmine 6.0.4, 5.1.7 and 5.0.12 released (security fixes)

BĂLTEANU Marius24 天 之前添加

We have released new maintenance updates, Redmine version:6.0.4, version:5.1.7 and version:5.0.12.
These 3 maintenance releases are available for Download , you can review the changes in the Changelog .

All versions contain multiple important security fixes:
  • 2 XSS vulnerabilities
  • Project query leaks details of private projects
  • /my/account does not correctly enforce sudo mode
  • Update Nokogiri to 1.18.3 to address CVE-2025-24928 and CVE-2024-56171
    You can review them in Security Advisories .

Beside the security issues, #42245 is now fixed also on version:5.1.7.

Thank you to everyone who contributed to the releases and special thanks to Holger Just for handling all these security issues.


评论

点赞0