Accepted request-tracker4 4.0.7-5+deb7u2~bpo60+1 (source all)

To: debian-backports-changes@lists.debian.org
Subject: Accepted request-tracker4 4.0.7-5+deb7u2~bpo60+1 (source all)
From: Dominic Hargreaves <dom@earth.li>
Date: Thu, 23 May 2013 00:18:17 +0000
Message-id: <[🔎] E1UfJEX-0007Xh-Fk@franck.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 23 May 2013 00:54:36 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-fcgi rt4-apache2 rt4-db-postgresql rt4-db-mysql rt4-db-sqlite
Architecture: source all
Version: 4.0.7-5+deb7u2~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description: 
 request-tracker4 - extensible trouble-ticket tracking system
 rt4-apache2 - Apache 2 specific files for request-tracker4
 rt4-clients - mail gateway and command-line interface to request-tracker4
 rt4-db-mysql - MySQL database backend for request-tracker4
 rt4-db-postgresql - PostgreSQL database backend for request-tracker4
 rt4-db-sqlite - SQLite database backend for request-tracker4
 rt4-fcgi   - External FastCGI support for request-tracker4
Changes: 
 request-tracker4 (4.0.7-5+deb7u2~bpo60+1) squeeze-backports; urgency=high
 .
   * Rebuild for squeeze-backports.
   * Drop versioned depends on liburi-perl as it's not available in
     squeeze (and libplack-perl in bpo depends on an earlier version);
     this means that upstream #18104 (missing tickets in dashboard emails)
     is still unfixed
   * Drop versioned depends on libipc-run-perl as it's not available in
     at the required version in squeeze-bpo; this means that upstream #19802
     (drawing graphs of relationships with UTF-8 strings) is still unfixed
 .
 request-tracker4 (4.0.7-5+deb7u2) wheezy-security; urgency=high
 .
   * Correct dbconfig upgrade script versioning
   * Add logging fix for previous security fix patchset
 .
 request-tracker4 (4.0.7-5+deb7u1) wheezy-security; urgency=high
 .
   * Multiple security fixes for:
     - Privileged user escalation (CVE-2012-4733)
     - Semi-predictable temporary file names (CVE-2013-3368)
     - Arbitrary Mason component execution (CVE-2013-3369)
     - Direct execution of private callback components (CVE-2013-3370)
     - XSS via attachment filenames and URLs in messages (CVE-2013-3371)
     - XSS via Content-Disposition header (CVE-2013-3372)
     - MIME header injection (CVE-2013-3373)
     - Limited session reuse when using Apache::Session::File (CVE-2013-3374)
   * Include database upgrade (dbconfig-common and NEWS)
Checksums-Sha1: 
 43cbe344c241d5f67df7b72c3a98c0f29cbe9578 1929 request-tracker4_4.0.7-5+deb7u2~bpo60+1.dsc
 e82a586972ee0922ff4e7cade3e1154cec599f92 88393 request-tracker4_4.0.7-5+deb7u2~bpo60+1.debian.tar.gz
 de53bb9c3388995eb76b68854537c4a0cb803742 3957656 request-tracker4_4.0.7-5+deb7u2~bpo60+1_all.deb
 3387e9a0580f3cb2619e9001560104a4fe226f92 47838 rt4-clients_4.0.7-5+deb7u2~bpo60+1_all.deb
 bcde97a55bbe3990e77f61cf738fc98a7a2b8f8f 11760 rt4-fcgi_4.0.7-5+deb7u2~bpo60+1_all.deb
 5fadef9dcc907df6eb6b84bfb36c07d37d0cf308 10680 rt4-apache2_4.0.7-5+deb7u2~bpo60+1_all.deb
 e8a00bc5eacdd52b3e84319ced9cd180b808b761 9828 rt4-db-postgresql_4.0.7-5+deb7u2~bpo60+1_all.deb
 040ef2e80a334f62dd63990a071f735c0ee3a002 9830 rt4-db-mysql_4.0.7-5+deb7u2~bpo60+1_all.deb
 71cfa15d3d9b4e339a3f51c71e2171eafad5b4ef 9930 rt4-db-sqlite_4.0.7-5+deb7u2~bpo60+1_all.deb
Checksums-Sha256: 
 4c7439359904a7b059fda19571233d6a04573564ab24b09fa495c7733cc38923 1929 request-tracker4_4.0.7-5+deb7u2~bpo60+1.dsc
 0b2e204b9bda479f18323700518fde88df98a48eb29534d3cc9a682dca52df2e 88393 request-tracker4_4.0.7-5+deb7u2~bpo60+1.debian.tar.gz
 21589f176f84ec62978acc464cfda2f6c58c86b27d22ea6ec8bec2c8225365fa 3957656 request-tracker4_4.0.7-5+deb7u2~bpo60+1_all.deb
 36f3a99f5e65745c334a45dd8ff09403073da31b5bfc1ad5b30597aeda2b9316 47838 rt4-clients_4.0.7-5+deb7u2~bpo60+1_all.deb
 04c28ca962320b2575a4585c7287b9ac1fe9bdfa589c9633d49a68e7907298db 11760 rt4-fcgi_4.0.7-5+deb7u2~bpo60+1_all.deb
 4d2c40cb5073beb55ed6c81f21aa7c4ae4346560974eba42ae4e76845067e5b1 10680 rt4-apache2_4.0.7-5+deb7u2~bpo60+1_all.deb
 1918ea2f492d4456fcb2ecd278ed33c17d517f9e1245c72cdf960ee700a2a6a1 9828 rt4-db-postgresql_4.0.7-5+deb7u2~bpo60+1_all.deb
 a5572698ccfe32594c3fb9d905c7d55146bf2c86db025314ed10807bf8d8a773 9830 rt4-db-mysql_4.0.7-5+deb7u2~bpo60+1_all.deb
 dbfeca93702119038941be04265f0e4d37337d7e478537383c7b599017b6ce8f 9930 rt4-db-sqlite_4.0.7-5+deb7u2~bpo60+1_all.deb
Files: 
 5aa4d68e242d6eb5de28170c55ebef49 1929 misc optional request-tracker4_4.0.7-5+deb7u2~bpo60+1.dsc
 bb31fd647d05353ad13ccbbc2011f1e4 88393 misc optional request-tracker4_4.0.7-5+deb7u2~bpo60+1.debian.tar.gz
 405d87016d0c87f8c9c53fb0834c8a7c 3957656 misc optional request-tracker4_4.0.7-5+deb7u2~bpo60+1_all.deb
 970261554a6ab92947c02425840ff38d 47838 misc optional rt4-clients_4.0.7-5+deb7u2~bpo60+1_all.deb
 f2baaf7db4c7124a6fcd1dfdb8f7be34 11760 misc optional rt4-fcgi_4.0.7-5+deb7u2~bpo60+1_all.deb
 57a5e758e391dae74ced59114795d15e 10680 misc optional rt4-apache2_4.0.7-5+deb7u2~bpo60+1_all.deb
 894aa99fba27b350888c8ea3823b92a1 9828 misc optional rt4-db-postgresql_4.0.7-5+deb7u2~bpo60+1_all.deb
 3f512240b0f15d975f811fef7b572599 9830 misc optional rt4-db-mysql_4.0.7-5+deb7u2~bpo60+1_all.deb
 19aadecb525554965abfa98bd93948ca 9930 misc optional rt4-db-sqlite_4.0.7-5+deb7u2~bpo60+1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFRnVzeYzuFKFF44qURAtvnAJ9sSCQAFikY7lZ7s+F985pPFfOxAQCgpgPX
pXYHloTiU42M9ArCBxPDOrw=
=J7St
-----END PGP SIGNATURE-----

xPDOrw=
=J7St
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted adequate 0.5.2~bpo70+1 (source all)
Next by Date: Accepted vcsh 1.2-3~bpo60+2 (source all)
Previous by thread: Accepted adequate 0.5.2~bpo70+1 (source all)
Next by thread: Accepted vcsh 1.2-3~bpo60+2 (source all)
Index(es):
- Date
- Thread