Subject: CVS commit: pkgsrc/devel/ruby-redmine50
From: Takahiro Kambe
Date: 2022-12-03 07:41:42
Message id: 20221203064142.6ECE1FA90@cvs.NetBSD.org
Log Message:
devel/ruby-redmine50: update to 5.0.4

5.0.4 (2022-12-01)

This is security release.

* Fix CVE-2022-44030: Access Control Issue in attachments#download_all
  (#37772)

* Fix CVE-2022-44031: Persistent XSS in textile formatting due to blockquote
  citation (#37751)

* Fix CVE-2021-44637: Redmine contains a cross-site scripting vulnerability
  (#37767)

* Open Redirect in attachments#download_all (#37880)
Files:
RevisionActionfile
1.6modifypkgsrc/devel/ruby-redmine50/Makefile
1.4modifypkgsrc/devel/ruby-redmine50/distinfo
1.4modifypkgsrc/devel/ruby-redmine50/patches/patch-Gemfile