1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted request-tracker4 4.4.3-2+deb10u2 (source) into oldstable-propo

    From Debian FTP Masters@21:1/5 to All on Fri Jul 15 14:20:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Sun, 03 Jul 2022 20:09:25 +1200
    Source: request-tracker4
    Architecture: source
    Version: 4.4.3-2+deb10u2
    Distribution: buster-security
    Urgency: medium
    Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
    Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
    Changes:
    request-tracker4 (4.4.3-2+deb10u2) buster-security; urgency=medium
    .
    * Apply upstream patch which fixes several security vulnerabilities.
    - A cross-site scripting (XSS) issue when displaying attachment content
    with fraudulent content types. This vulnerability is assigned
    CVE-2022-25802.
    - Not performing full rights checks on access to file or image type
    custom fields, possibly allowing access to these custom fields by
    users without rights to access to the associated objects (like the
    ticket it is associated with).
    Checksums-Sha1:
    0889b99b315da05f05827ec61cff1036f2ddabe0 5542 request-tracker4_4.4.3-2+deb10u2.dsc
    05d503c63faaf7078e55ecc0304e7d30532e0f06 1132743 request-tracker4_4.4.3.orig-third-party-source.tar.gz
    f25411cfd742eabc8ef150e3cd7d429a53cc6705 9584927 request-tracker4_4.4.3.orig.tar.gz
    3c3dbaa74296b40c08677ff2919f2517c095d6ac 80396 request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
    fe03e6a8af028871c340cc0bc44a9232773cd591 18974 request-tracker4_4.4.3-2+deb10u2_source.buildinfo
    Checksums-Sha256:
    e44ad0eed32d79f0a677f46b7fcc8b1c2ccb7e31ce33ad35c437569df3bab0c3 5542 request-tracker4_4.4.3-2+deb10u2.dsc
    e429e3319881fed1fe4aa53bf3384a34ee1eb5c60a71f908dbdabd662813b8fc 1132743 request-tracker4_4.4.3.orig-third-party-source.tar.gz
    738ab43cac902420b3525459e288515d51130d85810659f6c8a7e223c77dadb1 9584927 request-tracker4_4.4.3.orig.tar.gz
    1c2aaa61c45e8bfce83a32853a04fe0df68858243e0832dfa439cd8b58de3ada 80396 request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
    275b3f48902ed4458adb2b13b85d4dcf9e5c6bc67bcd43c247fb491663616b71 18974 request-tracker4_4.4.3-2+deb10u2_source.buildinfo
    Files:
    6119ece8ac217b8db9b89346dce9959a 5542 misc optional request-tracker4_4.4.3-2+deb10u2.dsc
    5df546015e52215c338bcee5c02c4206 1132743 misc optional request-tracker4_4.4.3.orig-third-party-source.tar.gz
    b30e71b60651c76af2a801ea48a89df0 9584927 misc optional request-tracker4_4.4.3.orig.tar.gz
    3e9d347b89262dbe7ba9b44afd90074f 80396 misc optional request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
    067b111fe64025277625cdf4366d5be5 18974 misc optional request-tracker4_4.4.3-2+deb10u2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQJBBAEBCAArFiEEy0llJ/kAnyscGnbawAV+cU1pT7IFAmLOtg8NHGRvbUBlYXJ0 aC5saQAKCRDABX5xTWlPsjvYEACf23LqssueR4IhHvmW0F9vSpWBOPZniJq8Mi0G r7rcr/1zP3ep4grXpjlA2hkqx/YwFW/vlJhv91wuGTGATNQfGKB3EjHTXsX1Jv8t j7v+V8XiV9sU20sNZLPOQIYJpUD7yWlkkM4RKXBCbnRTaJphaxPNGy++Iho25itR PTRZRe2MHswbjJ/UqbWh7b7+xZXyvlpAxsI0tosBWGg7+ONrxBoklffe8YsHaYl8 1QgFhnQiz/Gz7yG+sUH9L6cvu/nEiKhiFyQd5ZFsKgn6kzskfx6dgHccPxcdszO/ yWatauLKToOsXkhEA9yYRIkSkYrHFjPted/4FxQ/sN4Z6juMH0qmgyI51v9zicxf kXy+6x9dZMCM0vKApe7pKHSCf9jd2Wrc+UlQ7G9A4P5UO9kqPbgRPwMCHlT1Ygxy hoyiHr69jrZQE/zQduEyNaEMZBTuinyZa8xK0RQqkoUHXk9kfOsgBqOATqRGEuNT k3Oqk55ObShTK0VdHG3uCJ9zzYKpPSbbRmxWPoNRkEJ+VLvPSuSZhHiR2gba2kIs QGNM4Npp1blbc1ORDh42OaoxdjfnBStACqW2AyUTM2zrMty3cOIjb92cyq7nA0Ru DLPRQj+/0N4M+HHdKh/Cjd+uQvZbH+J+P9DLHgilTdnROwJc94lkU8k4K6wJPItv
    0ZnvUA==
    =NW+l
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)