request-tracker4 4.0.12-2 source package in Debian
Changelog
request-tracker4 (4.0.12-2) unstable; urgency=high * Multiple security fixes for: - Privileged user escalation (CVE-2012-4733) - Semi-predictable temporary file names (CVE-2013-3368) - Arbitrary Mason component execution (CVE-2013-3369) - Direct execution of private callback components (CVE-2013-3370) - XSS via attachment filenames and URLs in messages (CVE-2013-3371) - XSS via Content-Disposition header (CVE-2013-3372) - MIME header injection (CVE-2013-3373) - Limited session reuse when using Apache::Session::File (CVE-2013-3374) * Include database upgrade (dbconfig-common and NEWS) -- Dominic Hargreaves <email address hidden> Wed, 22 May 2013 18:53:16 +0100
Upload details
- Uploaded by:
- Debian Request Tracker Group
- Uploaded to:
- Sid
- Original maintainer:
- Debian Request Tracker Group
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
request-tracker4_4.0.12-2.dsc | 4.4 KiB | 96bcc67f06e6bed264ce15880642bfa91b6084b3d54787a481282f4826d9276e |
request-tracker4_4.0.12.orig-third-party-source.tar.gz | 1.1 MiB | 31410ac58ac8e9368b2e04038d63607ed7e3943fd3e48749a4c80a3a9a11d439 |
request-tracker4_4.0.12.orig.tar.gz | 6.6 MiB | ce246da3c5f03144d3070a2419ccc0756496501f143f343b52b96cb2adec09da |
request-tracker4_4.0.12-2.debian.tar.gz | 84.2 KiB | cde9e00e07e152db26decf69b682baa3a955374073bb429febbe32c1fe5f582c |
Available diffs
- diff from 4.0.12-1 to 4.0.12-2 (8.8 KiB)
No changes file available.