Accepted request-tracker3.8 3.8.10-1 (source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted request-tracker3.8 3.8.10-1 (source all)
From: Dominic Hargreaves <dom@earth.li>
Date: Thu, 14 Apr 2011 17:49:11 +0000
Message-id: <[🔎] E1QAQfH-00050b-UG@franck.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 14 Apr 2011 18:37:55 +0100
Source: request-tracker3.8
Binary: request-tracker3.8 rt3.8-clients rt3.8-apache2 rt3.8-db-postgresql rt3.8-db-mysql rt3.8-db-sqlite
Architecture: source all
Version: 3.8.10-1
Distribution: unstable
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description: 
 request-tracker3.8 - extensible trouble-ticket tracking system
 rt3.8-apache2 - Apache 2 specific files for request-tracker3.8
 rt3.8-clients - mail gateway and command-line interface to request-tracker3.8
 rt3.8-db-mysql - MySQL database backend for request-tracker3.8
 rt3.8-db-postgresql - PostgreSQL database backend for request-tracker3.8
 rt3.8-db-sqlite - SQLite database backend for request-tracker3.8
Closes: 622774
Changes: 
 request-tracker3.8 (3.8.10-1) unstable; urgency=high
 .
   * New upstream release; includes multiple security fixes
     (Closes: #622774):
     - Remote code execution in external custom fields (CVE-2011-1685)
     - Information disclosure via SQL injection (CVE-2011-1686)
     - Information disclosure via search interface (CVE-2011-1687)
     - Information disclosure via directory traversal (CVE-2011-1688)
     - User javascript execution via XSS vulnerability (CVE-2011-1689)
     - Authentication credentials theft (CVE-2011-1690)
   * Update Standards-Version (no changes)
Checksums-Sha1: 
 e4c005d046bcd5de8b25ac4a208cd3984c397bde 1603 request-tracker3.8_3.8.10-1.dsc
 98678a4ce4dbdfb13ceeeb88236d49bd0f5562c7 5642566 request-tracker3.8_3.8.10.orig.tar.gz
 b78443ab5627c04c60ed898b3732b80dab78ef84 73996 request-tracker3.8_3.8.10-1.diff.gz
 29a4e868b347ac385e6ac740d4403ce9f3ac2136 5165144 request-tracker3.8_3.8.10-1_all.deb
 22820277b5f371e280a58521c4be32919462f833 48246 rt3.8-clients_3.8.10-1_all.deb
 5cba6f65536a0ec2b9c5181651e74d25b86bdbca 13570 rt3.8-apache2_3.8.10-1_all.deb
 14e735d48276dc76ab63cddf64f569f4613e3d75 12250 rt3.8-db-postgresql_3.8.10-1_all.deb
 13dfbd9b41f53ad00341d83eaf0c552ba6a35b7b 12250 rt3.8-db-mysql_3.8.10-1_all.deb
 8679c4275da52fd1640ebaa83105cf0afc2b86db 12344 rt3.8-db-sqlite_3.8.10-1_all.deb
Checksums-Sha256: 
 bdd7abb12071b39900d2fbe29b1aae28d0ff9391fdf590cfcf319f80622f5c73 1603 request-tracker3.8_3.8.10-1.dsc
 d121ec6463ce919cef74c3ce3ab7e7213cb235726d05abd26c717a7eab6c1448 5642566 request-tracker3.8_3.8.10.orig.tar.gz
 ff1e64aa7c5be1136dddb72de265cce75277547333cbde9593818332d4b52666 73996 request-tracker3.8_3.8.10-1.diff.gz
 251272ae5b66d0dfccfa55ef0f23d6a6a201fae1d5d4d852422dbf683bc80fce 5165144 request-tracker3.8_3.8.10-1_all.deb
 163833928ed7b78f4e119f08e9af04a589aa8caffbdc95d56052179f726a6f59 48246 rt3.8-clients_3.8.10-1_all.deb
 7c0627740aa9f834c00a496ff9f582c0b132f30e37f52d904ffc70a75a6c52af 13570 rt3.8-apache2_3.8.10-1_all.deb
 e57be2f8ce4adef77d2447c8fe5c52c4f28532b0a352ceaacf5cde3453ccf772 12250 rt3.8-db-postgresql_3.8.10-1_all.deb
 b4dba76d7fd81bb788db1b86ccd7546501d1cf8ad3df14768fae8748cbc1263c 12250 rt3.8-db-mysql_3.8.10-1_all.deb
 3be4a11ab16d89ea86581e0152a19025d24caa5c8c5c70d6956082483f636055 12344 rt3.8-db-sqlite_3.8.10-1_all.deb
Files: 
 b8e64ea9a36162232d40ba03438c1b1f 1603 misc optional request-tracker3.8_3.8.10-1.dsc
 00c147d71476d032d33dbad76bdc06ff 5642566 misc optional request-tracker3.8_3.8.10.orig.tar.gz
 48ebb61a57cf6078b6b30088c815ba6b 73996 misc optional request-tracker3.8_3.8.10-1.diff.gz
 3201d27ad3c05ea0b7bbf26663336b2c 5165144 misc optional request-tracker3.8_3.8.10-1_all.deb
 17ca06e586ff7bcf63b94e4e73a00b22 48246 misc optional rt3.8-clients_3.8.10-1_all.deb
 19825e80298d4ef390bb6d6208b94080 13570 misc optional rt3.8-apache2_3.8.10-1_all.deb
 3edb295cf9cde06912ba759fc60af683 12250 misc optional rt3.8-db-postgresql_3.8.10-1_all.deb
 efdbe7ad74117d6e4cd02a23f7f70b7a 12250 misc optional rt3.8-db-mysql_3.8.10-1_all.deb
 4d63690b10528c5bec3034aa7e2b8321 12344 misc optional rt3.8-db-sqlite_3.8.10-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFNpzEtYzuFKFF44qURAqTYAKCq3f6ZU9hI/JBxf2iwFGARf8cEgACgkfkE
nhEs8/YdT8OYDhfDMfrGAwQ=
=aI6H
-----END PGP SIGNATURE-----


Accepted:
request-tracker3.8_3.8.10-1.diff.gz
  to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1.diff.gz
request-tracker3.8_3.8.10-1.dsc
  to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1.dsc
request-tracker3.8_3.8.10-1_all.deb
  to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1_all.deb
request-tracker3.8_3.8.10.orig.tar.gz
  to main/r/request-tracker3.8/request-tracker3.8_3.8.10.orig.tar.gz
rt3.8-apache2_3.8.10-1_all.deb
  to main/r/request-tracker3.8/rt3.8-apache2_3.8.10-1_all.deb
rt3.8-clients_3.8.10-1_all.deb
  to main/r/request-tracker3.8/rt3.8-clients_3.8.10-1_all.deb
rt3.8-db-mysql_3.8.10-1_all.deb
  to main/r/request-tracker3.8/rt3.8-db-mysql_3.8.10-1_all.deb
rt3.8-db-postgresql_3.8.10-1_all.deb
  to main/r/request-tracker3.8/rt3.8-db-postgresql_3.8.10-1_all.deb
rt3.8-db-sqlite_3.8.10-1_all.deb
  to main/r/request-tracker3.8/rt3.8-db-sqlite_3.8.10-1_all.deb

Reply to:

Prev by Date: Accepted nekobee 0.1.7-3 (source i386)
Next by Date: Accepted libmodplug 1:0.8.8.2-1 (source all amd64)
Previous by thread: Accepted nekobee 0.1.7-3 (source i386)
Next by thread: Accepted libmodplug 1:0.8.8.2-1 (source all amd64)
Index(es):
- Date
- Thread