Accepted request-tracker3.8 3.8.10-1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 14 Apr 2011 18:37:55 +0100
Source: request-tracker3.8
Binary: request-tracker3.8 rt3.8-clients rt3.8-apache2 rt3.8-db-postgresql rt3.8-db-mysql rt3.8-db-sqlite
Architecture: source all
Version: 3.8.10-1
Distribution: unstable
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description:
request-tracker3.8 - extensible trouble-ticket tracking system
rt3.8-apache2 - Apache 2 specific files for request-tracker3.8
rt3.8-clients - mail gateway and command-line interface to request-tracker3.8
rt3.8-db-mysql - MySQL database backend for request-tracker3.8
rt3.8-db-postgresql - PostgreSQL database backend for request-tracker3.8
rt3.8-db-sqlite - SQLite database backend for request-tracker3.8
Closes: 622774
Changes:
request-tracker3.8 (3.8.10-1) unstable; urgency=high
.
* New upstream release; includes multiple security fixes
(Closes: #622774):
- Remote code execution in external custom fields (CVE-2011-1685)
- Information disclosure via SQL injection (CVE-2011-1686)
- Information disclosure via search interface (CVE-2011-1687)
- Information disclosure via directory traversal (CVE-2011-1688)
- User javascript execution via XSS vulnerability (CVE-2011-1689)
- Authentication credentials theft (CVE-2011-1690)
* Update Standards-Version (no changes)
Checksums-Sha1:
e4c005d046bcd5de8b25ac4a208cd3984c397bde 1603 request-tracker3.8_3.8.10-1.dsc
98678a4ce4dbdfb13ceeeb88236d49bd0f5562c7 5642566 request-tracker3.8_3.8.10.orig.tar.gz
b78443ab5627c04c60ed898b3732b80dab78ef84 73996 request-tracker3.8_3.8.10-1.diff.gz
29a4e868b347ac385e6ac740d4403ce9f3ac2136 5165144 request-tracker3.8_3.8.10-1_all.deb
22820277b5f371e280a58521c4be32919462f833 48246 rt3.8-clients_3.8.10-1_all.deb
5cba6f65536a0ec2b9c5181651e74d25b86bdbca 13570 rt3.8-apache2_3.8.10-1_all.deb
14e735d48276dc76ab63cddf64f569f4613e3d75 12250 rt3.8-db-postgresql_3.8.10-1_all.deb
13dfbd9b41f53ad00341d83eaf0c552ba6a35b7b 12250 rt3.8-db-mysql_3.8.10-1_all.deb
8679c4275da52fd1640ebaa83105cf0afc2b86db 12344 rt3.8-db-sqlite_3.8.10-1_all.deb
Checksums-Sha256:
bdd7abb12071b39900d2fbe29b1aae28d0ff9391fdf590cfcf319f80622f5c73 1603 request-tracker3.8_3.8.10-1.dsc
d121ec6463ce919cef74c3ce3ab7e7213cb235726d05abd26c717a7eab6c1448 5642566 request-tracker3.8_3.8.10.orig.tar.gz
ff1e64aa7c5be1136dddb72de265cce75277547333cbde9593818332d4b52666 73996 request-tracker3.8_3.8.10-1.diff.gz
251272ae5b66d0dfccfa55ef0f23d6a6a201fae1d5d4d852422dbf683bc80fce 5165144 request-tracker3.8_3.8.10-1_all.deb
163833928ed7b78f4e119f08e9af04a589aa8caffbdc95d56052179f726a6f59 48246 rt3.8-clients_3.8.10-1_all.deb
7c0627740aa9f834c00a496ff9f582c0b132f30e37f52d904ffc70a75a6c52af 13570 rt3.8-apache2_3.8.10-1_all.deb
e57be2f8ce4adef77d2447c8fe5c52c4f28532b0a352ceaacf5cde3453ccf772 12250 rt3.8-db-postgresql_3.8.10-1_all.deb
b4dba76d7fd81bb788db1b86ccd7546501d1cf8ad3df14768fae8748cbc1263c 12250 rt3.8-db-mysql_3.8.10-1_all.deb
3be4a11ab16d89ea86581e0152a19025d24caa5c8c5c70d6956082483f636055 12344 rt3.8-db-sqlite_3.8.10-1_all.deb
Files:
b8e64ea9a36162232d40ba03438c1b1f 1603 misc optional request-tracker3.8_3.8.10-1.dsc
00c147d71476d032d33dbad76bdc06ff 5642566 misc optional request-tracker3.8_3.8.10.orig.tar.gz
48ebb61a57cf6078b6b30088c815ba6b 73996 misc optional request-tracker3.8_3.8.10-1.diff.gz
3201d27ad3c05ea0b7bbf26663336b2c 5165144 misc optional request-tracker3.8_3.8.10-1_all.deb
17ca06e586ff7bcf63b94e4e73a00b22 48246 misc optional rt3.8-clients_3.8.10-1_all.deb
19825e80298d4ef390bb6d6208b94080 13570 misc optional rt3.8-apache2_3.8.10-1_all.deb
3edb295cf9cde06912ba759fc60af683 12250 misc optional rt3.8-db-postgresql_3.8.10-1_all.deb
efdbe7ad74117d6e4cd02a23f7f70b7a 12250 misc optional rt3.8-db-mysql_3.8.10-1_all.deb
4d63690b10528c5bec3034aa7e2b8321 12344 misc optional rt3.8-db-sqlite_3.8.10-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFNpzEtYzuFKFF44qURAqTYAKCq3f6ZU9hI/JBxf2iwFGARf8cEgACgkfkE
nhEs8/YdT8OYDhfDMfrGAwQ=
=aI6H
-----END PGP SIGNATURE-----
Accepted:
request-tracker3.8_3.8.10-1.diff.gz
to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1.diff.gz
request-tracker3.8_3.8.10-1.dsc
to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1.dsc
request-tracker3.8_3.8.10-1_all.deb
to main/r/request-tracker3.8/request-tracker3.8_3.8.10-1_all.deb
request-tracker3.8_3.8.10.orig.tar.gz
to main/r/request-tracker3.8/request-tracker3.8_3.8.10.orig.tar.gz
rt3.8-apache2_3.8.10-1_all.deb
to main/r/request-tracker3.8/rt3.8-apache2_3.8.10-1_all.deb
rt3.8-clients_3.8.10-1_all.deb
to main/r/request-tracker3.8/rt3.8-clients_3.8.10-1_all.deb
rt3.8-db-mysql_3.8.10-1_all.deb
to main/r/request-tracker3.8/rt3.8-db-mysql_3.8.10-1_all.deb
rt3.8-db-postgresql_3.8.10-1_all.deb
to main/r/request-tracker3.8/rt3.8-db-postgresql_3.8.10-1_all.deb
rt3.8-db-sqlite_3.8.10-1_all.deb
to main/r/request-tracker3.8/rt3.8-db-sqlite_3.8.10-1_all.deb
Reply to: