2 matches found
Debian Security Advisory DSA 1754-1 (roundup)
The remote host is missing an update to roundup announced via advisory DSA 1754-1. OpenVAS Vulnerability Test $Id: deb17541.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1754-1 roundup Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Debian DSA-1754-1 : roundup - insufficient access checks
It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights. This update introduces stricter access checks, actually enforcing the configured permissions and roles...