Accepted request-tracker5 5.0.7+dfsg-3 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted request-tracker5 5.0.7+dfsg-3 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 04 May 2025 06:51:07 +0000
Message-id: <[🔎] E1uBTBr-00EQOx-1s@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 04 May 2025 17:51:52 +1200
Source: request-tracker5
Architecture: source
Version: 5.0.7+dfsg-3
Distribution: unstable
Urgency: high
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Changes:
 request-tracker5 (5.0.7+dfsg-3) unstable; urgency=high
 .
   * Update Standards-Version to 4.7.2 (no changes).
   * Refresh d/copyright.
   * Add Catalan translation, thank you Carles Pina i Estany!
   * Apply upstream patches which fix several security vulnerabilities.
     - [CVE-2025-30087] Vulnerable to Cross Site Scripting via injection of
       malicious parameters in a search URL.
     - [CVE-2025-2545] RT uses the default OpenSSL cipher, 3DES (des3), for
       encrypting SMIME email. This is an outdated cipher algorithm, so the
       default is changed to aes-128-cbc. In addition, this is now configurable
       so you can pick an alternate cipher now or in the future, or revert to
       des3 if needed for compatibility.
     - [CVE-2025-31501] Vulnerable to Cross Site Scripting via JavaScript
       injection in an Asset name.
     - [CVE-2025-31500] Vulnerable to Cross Site Scripting via JavaScript
       injection in an RT permalink.
Checksums-Sha1:
 0c15a386033a27cff58eb1a3d9ea700f84fcdda0 6012 request-tracker5_5.0.7+dfsg-3.dsc
 f778b63fb2ae3ffd44630f8801911f076b1d5708 128852 request-tracker5_5.0.7+dfsg-3.debian.tar.xz
 26850e42eeee9de6abe19ccbbd59cb0bbba46542 24339 request-tracker5_5.0.7+dfsg-3_amd64.buildinfo
Checksums-Sha256:
 180ee3aec09ac00371b0c323472b504e278f7eee36c98212ff2ad6d3b43f8f96 6012 request-tracker5_5.0.7+dfsg-3.dsc
 5e9f2739a28ed53c0695acaf44a8095e819daac6b338401afd90a18cd4f12a5e 128852 request-tracker5_5.0.7+dfsg-3.debian.tar.xz
 003371aaa8e919c768ddf16b3849c5b2986d179484e0339cc37c818beb7dbed8 24339 request-tracker5_5.0.7+dfsg-3_amd64.buildinfo
Files:
 fa00bbf77f42a33cb56437aabafd2085 6012 misc optional request-tracker5_5.0.7+dfsg-3.dsc
 5164d94cb6a64181afa651955c435bb2 128852 misc optional request-tracker5_5.0.7+dfsg-3.debian.tar.xz
 9e8bfa0dfb0e1b6bdfcd1f0a9a859400 24339 misc optional request-tracker5_5.0.7+dfsg-3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmgXB/oACgkQS1PZMeTT
6GN5/A/+MrmnZHkFjzLXUs6Fh4V0jfJWivNZCnI5XmKMQQY1Dp+zVy8ac9AzD2ij
6LjNqIcFZeJILPz7tjBCJCcgZtPFoNQ4pVpjR063xvZd3CUeIzWI7gsoSQ74AXtq
Sx7cOnuEhL5g+ILNR3ThLIzvGo0YAz109xDAtGpL4sVwB6mShxcyci4HFXQ3S0/w
wAgfw67VY3HYSmdPWz7dZ/QjjgDaqnUmZemf2XAMmIq0MwklvvFvVCCIH17qBzte
vRvB9N31Tahd8wQWKiNCbhotrRo6eqwlYBJE3A51SFwOAeOjkdo3kdv24Ccco0Ja
s987qjHILSfLd/qpiIVlk1XHzBwf/pBUWNs+FeFt2xfvB4UWwHhz3qhrs+R6fzlG
usjqkYrYH2cl5j008D2TrVS1dG8fo7AlPeNl97PZtWD5DBeIgIWx22mqa1C+M1Bn
qhUBxi77KtSVBN3BHcONjdaXpJjNMVpEvRRqtNplU7f1M+I5paQCniIS4lPNWKDj
bN8LG3zLiAdlvE/XWBLej02X4q6OaiDfWhW3C4pyv6+P+QAppEH9s8aq3MhhKrrM
8kXSE6VjMlv3IZuDBcp0egqMkBgaOFCQmNDfGuRy83Jd89GpPmJZlO+rroJQWlyM
Ok5nz/x07gdcVmq/UOeNRisSWXQ2Zj2uoGTMKoR7lAA/zXN1UOA=
=TSui
-----END PGP SIGNATURE-----

Attachment: pgp_u8BCSR3QQ.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted sensorpro-ble 0.7.0-1 (source) into unstable
Next by Date: Accepted lomiri-system-settings 1.3.1-2 (source) into unstable
Previous by thread: Accepted sensorpro-ble 0.7.0-1 (source) into unstable
Next by thread: Accepted lomiri-system-settings 1.3.1-2 (source) into unstable
Index(es):
- Date
- Thread