Accepted request-tracker4 4.0.5-3~bpo60+1 (source all)

To: debian-backports-changes@lists.debian.org
Subject: Accepted request-tracker4 4.0.5-3~bpo60+1 (source all)
From: Dominic Hargreaves <dom@earth.li>
Date: Sun, 27 May 2012 17:47:11 +0000
Message-id: <[🔎] E1SYhYd-0001Kc-EH@morricone.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 May 2012 18:32:09 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-fcgi rt4-apache2 rt4-db-postgresql rt4-db-mysql rt4-db-sqlite
Architecture: source all
Version: 4.0.5-3~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description: 
 request-tracker4 - extensible trouble-ticket tracking system
 rt4-apache2 - Apache 2 specific files for request-tracker4
 rt4-clients - mail gateway and command-line interface to request-tracker4
 rt4-db-mysql - MySQL database backend for request-tracker4
 rt4-db-postgresql - PostgreSQL database backend for request-tracker4
 rt4-db-sqlite - SQLite database backend for request-tracker4
 rt4-fcgi   - External FastCGI support for request-tracker4
Closes: 660867 661101 668451
Changes: 
 request-tracker4 (4.0.5-3~bpo60+1) squeeze-backports; urgency=low
 .
   * Rebuild for squeeze-backports.
 .
 request-tracker4 (4.0.5-3) unstable; urgency=high
 .
   [ Dmitry Smirnov ]
   * debian/copyright update
   * added missing 'libfcgi-perl' dependency to 'rt4-fcgi'
   * debian/rt4-fcgi.init: fixed 'status' function
 .
   [ Dominic Hargreaves ]
   * Multiple security fixes for:
     - XSS vulnerabilities (CVE-2011-2083)
     - information disclosure vulnerabilities including password hash
       exposure and correspondence disclosure to privileged users
       (CVE-2011-2084)
     - CSRF vulnerabilities allowing information disclosure,
       privilege escalation, and arbitrary code execution. Original
       behaviour may be restored by setting $RestrictReferrer to 0 for
       installations which rely on it (CVE-2011-2085)
     - remote code execution vulnerabilities including in VERP
       functionality (CVE-2011-4458)
   * Add vulnerable-password and clean-user-txns scripts to accompany
     above fixes, and run in postinst
 .
 request-tracker4 (4.0.5-2) unstable; urgency=low
 .
   * Improve rt4-fcgi description to clarify that it's only required
     where an external FCGI process is needed, and that it's not
     nginx specific
   * Add Dutch debconf translation (Closes: #661101)
   * Create cron job world-readable during new installations
     (Closes: #660867)
   * Correctly remove all conffiles during purge (Closes: #668451)
   * Remove references to obsolete /etc/apache2/conf.d (see #669774)
   * Update Standards-Version (no changes)
Checksums-Sha1: 
 3177e1cec11ac28a43cfe74003e917994b00205a 1904 request-tracker4_4.0.5-3~bpo60+1.dsc
 bf23c95a15f0bac5e5c3ddd0b0a3d628fc1a506c 109614 request-tracker4_4.0.5-3~bpo60+1.debian.tar.gz
 ce05a59349828fd7bf5315737ea2d7d39a9eb707 3954544 request-tracker4_4.0.5-3~bpo60+1_all.deb
 b8f8005cdc59dd7a41f52efefa98e19fb6044e33 45946 rt4-clients_4.0.5-3~bpo60+1_all.deb
 58943ee52ca87887c17f9846a6bc82ed6d674ce4 9152 rt4-fcgi_4.0.5-3~bpo60+1_all.deb
 06066c36f0d2fe8223bacf9558747900674e8001 8026 rt4-apache2_4.0.5-3~bpo60+1_all.deb
 1152a45a1118610684df5c7704f57f53949ff8c1 7278 rt4-db-postgresql_4.0.5-3~bpo60+1_all.deb
 c12279ecc74e298b2de7c1dadf84e7a36f244453 7282 rt4-db-mysql_4.0.5-3~bpo60+1_all.deb
 9ff2d32a0d7794445550fc423f5e0fc832ee8508 7384 rt4-db-sqlite_4.0.5-3~bpo60+1_all.deb
Checksums-Sha256: 
 a3fada65541e52b8a7aa4b3a73f00c1b00aa0c428d7a5bccd2fa003f1b3aea90 1904 request-tracker4_4.0.5-3~bpo60+1.dsc
 2ef430afea4fe16387284e8f329fb9da42bfcd1b9adaa109756c0ea69ac82dc5 109614 request-tracker4_4.0.5-3~bpo60+1.debian.tar.gz
 75f7900886a81c9ea468e302f1160ff8950442542281bbddd9b0cafb1ecb6c24 3954544 request-tracker4_4.0.5-3~bpo60+1_all.deb
 7624aefb9285840d93091cda3f72402b29de397f4a60c6a56eb953eb89d3928f 45946 rt4-clients_4.0.5-3~bpo60+1_all.deb
 ae3d5af7b405dd70f768753b679409cc45538710580fefd1235761fdee99d673 9152 rt4-fcgi_4.0.5-3~bpo60+1_all.deb
 45a9bd8736027a8a5622c293c40a7b117711f6898f6ed61c461948ca8b6d2503 8026 rt4-apache2_4.0.5-3~bpo60+1_all.deb
 3bd6deaae10dfc2f5b0ea8c2d053181201fbe28607e3ca383946500ad3d43ce5 7278 rt4-db-postgresql_4.0.5-3~bpo60+1_all.deb
 8b489fe9fd9cfe86b329ab87ee7f8d042dc7e6c610b4f4a24e4db76ab4ae7a92 7282 rt4-db-mysql_4.0.5-3~bpo60+1_all.deb
 ca400739f88628dd210ae5d0e1d2867bcc8550c05a6a9e22247c5938fdd2a596 7384 rt4-db-sqlite_4.0.5-3~bpo60+1_all.deb
Files: 
 908632de1be1b0b735400c62058d5e78 1904 misc optional request-tracker4_4.0.5-3~bpo60+1.dsc
 35c01909323d775e5fc91c7c89edd1c5 109614 misc optional request-tracker4_4.0.5-3~bpo60+1.debian.tar.gz
 da919e3a1e5bbec0f6f93d25991a9af5 3954544 misc optional request-tracker4_4.0.5-3~bpo60+1_all.deb
 a28dbf029a8b448081d22e3741df616e 45946 misc optional rt4-clients_4.0.5-3~bpo60+1_all.deb
 a9484b1a6b5c721f88ec4dfa8ab92695 9152 misc optional rt4-fcgi_4.0.5-3~bpo60+1_all.deb
 6fc7c7b58860c5b28f1e7fdca395b895 8026 misc optional rt4-apache2_4.0.5-3~bpo60+1_all.deb
 c8a4022b786df2fb278ac8750187b8ff 7278 misc optional rt4-db-postgresql_4.0.5-3~bpo60+1_all.deb
 4e8951e235dfad247d33a4cbfba24560 7282 misc optional rt4-db-mysql_4.0.5-3~bpo60+1_all.deb
 7b7c8592051c66b3bccb7287748d4d49 7384 misc optional rt4-db-sqlite_4.0.5-3~bpo60+1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFPwmV4YzuFKFF44qURAkA/AJ9vG7zIP5JlOO98hWxxxlB2znJGNACfVVo5
Kb/Z9c3emw8/lTzodbI16Jk=
=/Xqk
-----END PGP SIGNATURE-----


Accepted:
request-tracker4_4.0.5-3~bpo60+1.debian.tar.gz
  to main/r/request-tracker4/request-tracker4_4.0.5-3~bpo60+1.debian.tar.gz
request-tracker4_4.0.5-3~bpo60+1.dsc
  to main/r/request-tracker4/request-tracker4_4.0.5-3~bpo60+1.dsc
request-tracker4_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/request-tracker4_4.0.5-3~bpo60+1_all.deb
rt4-apache2_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-apache2_4.0.5-3~bpo60+1_all.deb
rt4-clients_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-clients_4.0.5-3~bpo60+1_all.deb
rt4-db-mysql_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-db-mysql_4.0.5-3~bpo60+1_all.deb
rt4-db-postgresql_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-db-postgresql_4.0.5-3~bpo60+1_all.deb
rt4-db-sqlite_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-db-sqlite_4.0.5-3~bpo60+1_all.deb
rt4-fcgi_4.0.5-3~bpo60+1_all.deb
  to main/r/request-tracker4/rt4-fcgi_4.0.5-3~bpo60+1_all.deb

Reply to:

Prev by Date: lldpd_0.5.7-1~bpo60+1_powerpc.changes ACCEPTED into squeeze-backports
Next by Date: Processing of request-tracker4_4.0.5-3~bpo60+1_i386.changes
Previous by thread: lldpd_0.5.7-1~bpo60+1_powerpc.changes ACCEPTED into squeeze-backports
Next by thread: Processing of request-tracker4_4.0.5-3~bpo60+1_i386.changes
Index(es):
- Date
- Thread