Source: redmine Severity: grave It seems Redmine Debian package is seriously outdated in Debian. It shouldn't be shipped as such into Stretch, in my opinion, as it does not seem to follow any upstream stable branch (2.6, 3.0, or 3.1).
I am also puzzled as to why this was shipped in Jessie in the first place, let alone shipped in a proposed-stable-update... There are several security issues still affecting all debian releases, including squeeze-lts, wheezy, jessie and sid. https://security-tracker.debian.org/tracker/source-package/redmine redmine was removed from stretch, but it seems to me that an official release should be shipped in Debian stable releases. And followed as much as possible! -- System Information: Debian Release: 8.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable'), (500, 'oldstable'), (1, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-0.bpo.1-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
