Debian
request-tracker4 package

request-tracker4 4.4.1-4 source package in Debian

Changelog

request-tracker4 (4.4.1-4) unstable; urgency=high

  * Add dependency on libhtml-gumbo-perl for better table rendering
  * Handle configuration permissions correctly following
    RT_SiteConfig.d changes (Closes: #862426)
  * Improve documentation for Apache configurations (thanks to
    Michael Howe for the text)
  * Add support for dbconfig-no-thanks opt-out (Closes: #854789)
  * Fix multiple security issues:
    - [CVE-2017-5943] CSRF verification token information leak
    - [CVE-2016-6127] XSS in file uploads
    - [CVE-2017-5361] Timing side-channel vulnerability in password
      verification
    - [CVE-2017-5944] Remote code execution in dashboard interface
    - Add check for incorrect RestrictLoginReferrer configuration setting
  * Work around a DoS vulnerability in Email::Address (CVE-2015-7686)

 -- Dominic Hargreaves <email address hidden>  Wed, 14 Jun 2017 23:55:29 +0100

Upload details

Uploaded by:
Debian Request Tracker Group
Uploaded to:
Sid
Original maintainer:
Debian Request Tracker Group
Architectures:
all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
request-tracker4_4.4.1-4.dsc 5.3 KiB d7da4681069dd97d3e16c3e789594d7162a6181b567b28f030ea2c32361dba3a
request-tracker4_4.4.1.orig-third-party-source.tar.gz 1.1 MiB 5cdc9d979a44ac53aa67e2ddecc17477dbe53fa8be8b4147b5f9a3b83cabdaf8
request-tracker4_4.4.1.orig.tar.gz 8.6 MiB f87329911020e01b39948070aec2bd7abf0c81641f0cf2f25e01c690a19f24f5
request-tracker4_4.4.1-4.debian.tar.xz 81.9 KiB efb4124bcd99375d12caa6ec26513a9cfc8b7724d3fc008c7019b433d89e247f

Available diffs

No changes file available.

Binary packages built by this source