request-tracker3.6 3.6.5-1ubuntu0.1 source package in Ubuntu

Changelog

request-tracker3.6 (3.6.5-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: support salted passwords in database and upgrade
    unsalted passwords (CVE-2011-0009)
    - LP: #750339
  * Security fix: only allow SuperUsers to edit global RT at a Glance
  * Security fix: escape custom field values before display to prevent
    XSS attack
  * Security fix for session fixation vulnerability (CVE-2009-3585,
    CVE-2009-4151)
  * Security fix: fix information leakage in scrips (CVE-2011-1008)
  * Multiple security fixes for:
     - Information disclosure via SQL injection (CVE-2011-1686)
     - Information disclosure via search interface (CVE-2011-1687)
     - Information disclosure via directory traversal (CVE-2011-1688)
     - User javascript execution via XSS vulnerability (CVE-2011-1689)
     - Authentication credentials theft (CVE-2011-1690)
     - XSS relating to login credentials
 -- Dominic Hargreaves <email address hidden>   Sun, 29 May 2011 14:38:31 +0100

Upload details

Uploaded by:
Dominic Hargreaves on 2011-06-08
Sponsored by:
Jamie Strandboge
Uploaded to:
Hardy
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
all
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Hardy proposed on 2011-06-08 universe misc

Builds

Hardy: [FULLYBUILT] i386

Downloads

File Size MD5 Checksum
request-tracker3.6_3.6.5.orig.tar.gz 1.6 MiB e935ef70ad72e6b9cdaea781b676a4cd
request-tracker3.6_3.6.5-1ubuntu0.1.diff.gz 31.4 KiB 5bf044190263a56c851f2d4ee029aed9
request-tracker3.6_3.6.5-1ubuntu0.1.dsc 1.6 KiB 40f9aba65f670e33b9fdea4615d6f60c

View changes file

Binary packages built by this source

request-tracker3.6: Extensible trouble-ticket tracking system

 Request Tracker (RT) is an enterprise-grade ticketing system which
 enables a group of people to intelligently and efficiently manage
 tasks, issues, and requests submitted by a community of users. It
 features a web, email and command-line interfaces (see the package
 rt3.6-clients).
 .
 This is the 3.6 series of RT, it can be installed alongside the 3.4
 series without any problems.
 .
 Written in object-oriented Perl, RT is a high-level, portable,
 platform independent system that eases collaboration within
 organizations and makes it easy for them to take care of their
 customers.
 .
 RT manages key tasks such as the identification, prioritization,
 assignment, resolution and notification required by
 enterprise-critical applications including project management, help
 desk, NOC ticketing, CRM and software development.

rt3.6-apache2: Apache 2 specific files for request-tracker3.6

 This package provides various configuration files and manages the
 necessary dependencies for running request tracker (RT) version 3.6
 on the Apache 2 web server.
 .
 See the 'request-tracker3.6' package for further information.

rt3.6-clients: Mail gateway and command-line interface to request-tracker3.6

 Install this package onto the mail server so it can inject tickets into
 request-tracker3.6 using rt-mailgate.
 .
 Install it onto any machine on which you want to use the 'rt'
 command-line interface.
 .
 See the 'request-tracker3.6' package for further information.