Several security issues were fixed in redmine.
It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. (CVE-2019-17427)
26 November 2019
A security issue affects these releases of Ubuntu and its derivatives:
Several security issues were fixed in redmine.
It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. (CVE-2019-17427)
It was discovered that an SQL injection could allow users to access protected information via a crafted object query. (CVE-2019-18890)
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.