request-tracker4 4.0.7-2 source package in Debian

Changelog

request-tracker4 (4.0.7-2) unstable; urgency=high


  * Multiple security fixes for:
    - Email header injection attack (CVE-2012-4730)
    - Missing rights checking for Articles (CVE-2012-4731)
    - CSRF protection allows attack on bookmarks (CVE-2012-4732)
    - Confused deputy attack for non-logged-in users (CVE-2012-4734)
    - Multiple message signing/encryption attacks related to GnuPG
      (CVE-2012-4735)
    - Arbitrary command-line argument injection to GnuPG (CVE-2012-4884)

 -- Dominic Hargreaves <email address hidden>  Tue, 23 Oct 2012 10:58:58 +0100

Upload details

Uploaded by:
Debian Request Tracker Group
Uploaded to:
Sid
Original maintainer:
Debian Request Tracker Group
Architectures:
all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
request-tracker4_4.0.7-2.dsc 2.1 KiB 8e99958aac1af7aa34eb2a18042c2c4051a4efa1b68a5dc59eb631c2369a7fe5
request-tracker4_4.0.7.orig-third-party-source.tar.gz 766.9 KiB 39a4dd1cbc89a0123149449c89fc8ed0c4751edff1cf16ac93a91d88ad798c9e
request-tracker4_4.0.7.orig.tar.gz 5.6 MiB 3b382f05bededa478fbbd0b6bae2381b52eb7f6c11f1136e48c1c57de06d65ed
request-tracker4_4.0.7-2.debian.tar.gz 74.1 KiB d49a6167534fcce11df414ace0147d78071cc0bef969693368daa3683eb7b95d

Available diffs

No changes file available.

Binary packages built by this source