request-tracker5 5.0.3+dfsg-3~deb12u2 source package in Debian
Changelog
request-tracker5 (5.0.3+dfsg-3~deb12u2) bookworm-security; urgency=medium * Apply upstream patch which fixes several security vulnerabilities (Closes: #1054517). - [CVE-2023-41259] Vulnerablility to unvalidated email headers in incoming email and the mail-gateway REST interface. - [CVE-2023-41620] Information leakage via response messages returned from requests sent via the mail-gateway REST interface. - [CVE-2023-45024] Information leakage via transaction searches made by authenticated users in the transaction query builder. - Reveal information about data on various RT objects in errors and other response messages to REST 2 requests. * Add upstream fix to tests for FTBFS due to expired certs. -- Andrew Ruthven <email address hidden> Wed, 25 Oct 2023 22:26:55 +1300
Upload details
- Uploaded by:
- Debian Request Tracker Group
- Uploaded to:
- Bookworm
- Original maintainer:
- Debian Request Tracker Group
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Bookworm | release | main | misc |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
request-tracker5_5.0.3+dfsg-3~deb12u2.dsc | 6.1 KiB | cbb6a74e3387753f7136d961fbdf7813ebf889463a56e171582f49becaf6ae2d |
request-tracker5_5.0.3+dfsg.orig-third-party-source.tar.gz | 3.1 MiB | 49b856ff23be2f5265c7b3460ac3d49ef24e4462b8165d39fbb12b7776d0e66a |
request-tracker5_5.0.3+dfsg.orig.tar.gz | 17.7 MiB | e23aee3cb291ccad5e521aeabe0fcd2f076bcfa8b7f801af498a7505e53d8441 |
request-tracker5_5.0.3+dfsg.orig.tar.gz.asc | 455 bytes | 6cfc32a9bf2d09768a5ac2b103f21d6675dfc3490c06190562296e5b2082ccce |
request-tracker5_5.0.3+dfsg-3~deb12u2.debian.tar.xz | 158.4 KiB | 0f24c6e744fa8be92842fedd14f9dd3e670bc33593a77eb1440a848ab7580095 |
No changes file available.