kanboard (1.2.49+ds-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/debian/kanboard.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/latest
Path: debian/changelog
Repo size: 1507328
Browser: https://salsa.debian.org/debian/kanboard
Last scan: 2026-01-09 09:16:12+00
Next scan: 2026-01-15 12:16:00+00
CI pipeline status: success

Debian changelog in Git:

kanboard (1.2.49+ds-1) unstable; urgency=medium

  * New upstream version 1.2.49+ds
    + fixes CVE-2026-21880 aka GHSA-v66r-m28r-wmq7
      Kanboard LDAP Injection Vulnerability
    + fixes CVE-2026-21881 aka GHSA-wwpf-3j4p-739w
      Kanboard Reverse Proxy Authentication Bypass
    + fixes CVE-2026-21879 aka GHSA-mhv9-7m9w-7hcq
      Kanboard Open Redirect Vulnerability
    Closes: #1125061
  * refresh patches

 -- Joseph Nahmias <jello@debian.org>  Thu, 08 Jan 2026 20:38:04 -0500

This branch is even with tag debian/1.2.49+ds-1