-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : roundup Version : 1.4.20-1.1+deb8u2 CVE ID : CVE-2019-10904
Hanno Böck was discovered that there was a cross-site scripting (XSS) vulnerability in the web front-end of the roundup issue- tracking system. For Debian 8 "Jessie", this issue has been fixed in roundup version 1.4.20-1.1+deb8u2. We recommend that you upgrade your roundup packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlyp7ZMACgkQHpU+J9Qx HlgZKxAAwwK/IUgern6W24g0vSS4cq8CYFo1529yxjypRQJSI5SBd0bUnXFO/M5U ZU9usfMdEM/7jIVYKSj3Fm87PwBKwLxFWHNPMR9leRraooKNNpXUFupSvGllUAgd 1DHjjgjGTXCA8UPzV+1NYNEqxCJluJRpymYKxIY6afDWf7sS3QrC8mLGQWYnVUA+ JnstbhpnMapS+2IzcZe4j9w6xePrd7zehqOFZ9e1Tg77qdLYJoUBAMV/I7aJkRpA 8lAcJV8QVZcCpx+6IUP/iTjUTAalp78xA9+SbqXhT/jJOxLLQg1ycJ8BFfVFpHiY Z55f3zlZtkV0o/Csd2fdfHWXIcYWtLaOmLjjpexKqUKd0M5vnYC6KsYhr4P8KlOD jLPrDRj5hq5Sk46PZA+M6ISntO/SHiNJxmpMWpEPlVIuJO4fgeGnK7FQWiaMCVib 9qQdRl/GKjAblRrCDMSTRmGtV0dQT2WV2+ne7hO5uxATLPmTquYmQrFbEo/+xt3K SRdS3/Ha7Qoh65s9RDF9M1duOW2L2cFS5l+mp0nzcv7Dpe/OX9sQxEgJOtOpFUq2 zSvQKMmT2i6SIF+69LaJY0Ldz6TW2FHA9Tt7tMUiYsTX3vD5LTA8eFnDLM1YUpsW CPUNTpUAQHf3DhNhQIPvtkM5t7eetUIaz+xJjpX4whgTp0oLQmI= =wM9T -----END PGP SIGNATURE-----