[BSA-022] Security Update for request-tracker3.8
-----BEGIN PGP SIGNED MESSAGE-----
Jan Wagner uploaded new packages for request-tracker3.8 which fixed the
following security problems:
It was discovered that Request Tracker, an issue tracking system,
stored passwords in its database by using an insufficiently strong
hashing method. If an attacker would have access to the password
database, he could decode the passwords stored in it.
For the lenny-backports distribution the problems have been fixed in
For the unstable (sid) distribution, the problem has been fixed in version
3.8.8-7, for testing (squeeze) the fix should follow soon.
- - --------------------
If you don't use pinning (see ) you have to update the package
manually via "apt-get -t lenny-backports install <packagelist>" with
the packagelist of your installed packages affected by this update.
We recommend to pin the backports repository to 200 so that new
versions of installed backports will be installed automatically.
Pin: release a=lenny-backports
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----