Debian 9859 Published by

Updated roundup packages has been released for Debian GNU/Linux 8 LTS



Package : roundup
Version : 1.4.20-1.1+deb8u2
CVE ID : CVE-2019-10904

Hanno Böck was discovered that there was a cross-site scripting
(XSS) vulnerability in the web front-end of the roundup issue-
tracking system.

For Debian 8 "Jessie", this issue has been fixed in roundup version
1.4.20-1.1+deb8u2.

We recommend that you upgrade your roundup packages.