request-tracker5 5.0.3+dfsg-3~deb12u2 source package in Debian
Changelog
request-tracker5 (5.0.3+dfsg-3~deb12u2) bookworm-security; urgency=medium
* Apply upstream patch which fixes several security vulnerabilities
(Closes: #1054517).
- [CVE-2023-41259] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41620] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
- [CVE-2023-45024] Information leakage via transaction searches made by
authenticated users in the transaction query builder.
- Reveal information about data on various RT objects in errors and other
response messages to REST 2 requests.
* Add upstream fix to tests for FTBFS due to expired certs.
-- Andrew Ruthven <email address hidden> Wed, 25 Oct 2023 22:26:55 +1300
Upload details
- Uploaded by:
- Debian Request Tracker Group
- Uploaded to:
- Bookworm
- Original maintainer:
- Debian Request Tracker Group
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bookworm | release | main | misc |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| request-tracker5_5.0.3+dfsg-3~deb12u2.dsc | 6.1 KiB | cbb6a74e3387753f7136d961fbdf7813ebf889463a56e171582f49becaf6ae2d |
| request-tracker5_5.0.3+dfsg.orig-third-party-source.tar.gz | 3.1 MiB | 49b856ff23be2f5265c7b3460ac3d49ef24e4462b8165d39fbb12b7776d0e66a |
| request-tracker5_5.0.3+dfsg.orig.tar.gz | 17.7 MiB | e23aee3cb291ccad5e521aeabe0fcd2f076bcfa8b7f801af498a7505e53d8441 |
| request-tracker5_5.0.3+dfsg.orig.tar.gz.asc | 455 bytes | 6cfc32a9bf2d09768a5ac2b103f21d6675dfc3490c06190562296e5b2082ccce |
| request-tracker5_5.0.3+dfsg-3~deb12u2.debian.tar.xz | 158.4 KiB | 0f24c6e744fa8be92842fedd14f9dd3e670bc33593a77eb1440a848ab7580095 |
No changes file available.
