Debian
request-tracker4 package

request-tracker4 4.2.8-3+deb8u2 source package in Debian

Changelog

request-tracker4 (4.2.8-3+deb8u2) jessie-security; urgency=high

  * Fix FTBFS due to base.pm changes (Closes: #864302)
  * Fix multiple security issues:
    - [CVE-2017-5943] CSRF verification token information leak
    - [CVE-2016-6127] XSS in file uploads
    - [CVE-2017-5361] Timing side-channel vulnerability in password
      verification
    - [CVE-2017-5944] Remote code execution in dashboard interface
    - Add check for incorrect RestrictLoginReferrer configuration setting
  * Work around a DoS vulnerability in Email::Address (CVE-2015-7686)

 -- Dominic Hargreaves <email address hidden>  Sat, 10 Jun 2017 23:25:11 +0100

Upload details

Uploaded by:: Debian Request Tracker Group on 2017-07-22

Uploaded to:: Jessie

Original maintainer:: Debian Request Tracker Group

Architectures:: all

Section:: misc

Urgency:: Very Urgent

See full publishing history Publishing

Series	Pocket	Published	Component	Section

Builds

Downloads

File	Size	SHA-256 Checksum
request-tracker4_4.2.8-3+deb8u2.dsc	5.5 KiB	6f759c001d865196694323cd77c9e227a95904224bda0c84f057ebb873f5a5bd
request-tracker4_4.2.8.orig-third-party-source.tar.gz	1.3 MiB	869587a9841be27984bf63f112a18a0d530abbe62894d7cb53d8096950ee4df3
request-tracker4_4.2.8.orig.tar.gz	7.3 MiB	25009913d2d495ff91f21a47a61ebec1a246a2c89422e22700810a7ef51ede4c
request-tracker4_4.2.8-3+deb8u2.debian.tar.xz	76.7 KiB	7686f9ec7bea98d4c9fdecb76b6a846f55e2f12f0d7133e7e4f61a9f7b43e902

No changes file available.

Debianrequest-tracker4 package

request-tracker4 4.2.8-3+deb8u2 source package in Debian

Changelog

Upload details

See full publishing history Publishing

Builds

Downloads

Binary packages built by this source

Debian
request-tracker4 package