Upgrade Redmine/Rails to mitigate CVE-2019-5418
See:
- https://github.com/mpgn/CVE-2019-5418
- https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
bugs.alpinelinux.org:
alpine-bugs:/usr/share/webapps/redmine# gem list --local '^rails$'
*** LOCAL GEMS ***
rails (4.2.8)This should be updated to 4.2.11.1 at least.
(from redmine: issue id 10149, created on 2019-03-22)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information