Redmine - Package Updates

girish

[3.1.0]

• Update redmine to 5.0.2
• News announcement
• Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in order to fix a remote code execution vulnerability. Because the fixed version of the gem doesn't support Ruby 2.5, those instances that are using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to update Ruby version to at least 2.6 because it's the only way to get the update and the fix. Also, the next major Redmine version (5.1.0) already dropped support for Ruby 2.5 (#37159).
• Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities
• Fixes unauthorised Information Leak in QueryAssociationColumn and QueryAssociationCustomFieldColumn when the user has no permission to view on the associated object

girish

[3.1.1]

• Delete stale pid files on startup

girish

[3.1.2]

• Update redmine to 5.0.3
• Security: Updates commonmark gem version to 0.23.4 when Ruby >= 2.6 is used in order to fix a remote code execution vulnerability. Because the fixed version of the gem doesn't support Ruby 2.5, those instances that are using Redmine 5.0.*, Commonmark and Ruby 2.5, it is highly recommended to update Ruby version to at least 2.6 because it's the only way to get the update and the fix. Also, the next major Redmine version (5.1.0) already dropped support for Ruby 2.5 (#37159).
• Security: Updates jQuery UI to 1.31.1 to fix 3 medium severity XSS vulnerabilities
• Security: Fixes unauthorised Information Leak in QueryAssociationColumn and QueryAssociationCustomFieldColumn when the user has no permission to view on the associated object

girish

[3.1.3]

• Fix configuration when email display name has a quote

girish

[3.1.4]

• Update redmine to 5.0.4
• News announcement
• Contains important security fixes

girish

[3.1.5]

• Update redmine to 5.0.5

girish

[3.2.0]

• Update base image to 4.0.0

nebulon

[3.2.1]

• Fixup PDF preview rendering

girish

[3.2.2]

• Update redmine to 5.0.6
• News announcement

girish

[3.3.0]

• Update redmine to 5.1.0
• News announcement
• Re-implement admin project list using ProjectQuery system (#33422)
• Background job and dedicated status for project deletion (#36691)
• Upgrade Admin/Users list to use the query system (#37674)
• Display calendar in vertical list layout on mobile screens (#33682)
• Auto watch issues on issue creation (#38238)
• Multiple issue ids in "Related to" filter (#38301)
• "Any searchable text" filter for issues (#38402)
• "contains any of" operator for text filters to perform OR search of multiple terms (#38435)
• OR search with multiple terms for "starts with" and "ends with" filter operators (#38456)
• New issues filter operators "has been", "has never been", and "changed from" (#38527)

girish

[3.3.1]

• Update redmine to 5.1.1
• News announcement

girish

[3.3.2]

• Update redmine to 5.1.2
• News announcement

girish

[3.4.0]

• Migrate to OIDC login

girish

[3.4.1]

• Update OIDC plugin to 2.2.1

girish

[3.4.2]

• Update redmine to 5.1.3
• News announcement

girish

https://github.com/kontron/redmine_oauth/pull/42 is now merged, so next release should have a better registration setup.

Package Updates

[3.5.0]

• Disable external registration by default with OIDC

Package Updates

[3.5.1]

• Update OIDC plugin to 2.2.3

Package Updates

[3.5.2]

• Update OIDC plugin to 2.2.4

girish

Reported upstream . Redmine OAuth plugin issue - https://github.com/kontron/redmine_oauth/issues/51