Back to request-tracker4 PTS page

Accepted request-tracker4 4.4.1-4 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted request-tracker4 4.4.1-4 (source) into unstable
From: Dominic Hargreaves <dom@earth.li>
Date: Thu, 15 Jun 2017 21:07:32 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1dLbzI-000DTf-CT@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 14 Jun 2017 23:55:29 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-standalone rt4-fcgi rt4-apache2 rt4-db-postgresql rt4-db-mysql rt4-db-sqlite rt4-doc-html
Architecture: source
Version: 4.4.1-4
Distribution: unstable
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description:
 request-tracker4 - extensible trouble-ticket tracking system
 rt4-apache2 - Apache 2 specific files for request-tracker4
 rt4-clients - mail gateway and command-line interface to request-tracker4
 rt4-db-mysql - MySQL database backend for request-tracker4
 rt4-db-postgresql - PostgreSQL database backend for request-tracker4
 rt4-db-sqlite - SQLite database backend for request-tracker4
 rt4-doc-html - HTML documentation for request-tracker4
 rt4-fcgi   - External FastCGI support for request-tracker4
 rt4-standalone - Standalone web server support for request-tracker4
Closes: 854789 862426
Changes:
 request-tracker4 (4.4.1-4) unstable; urgency=high
 .
   * Add dependency on libhtml-gumbo-perl for better table rendering
   * Handle configuration permissions correctly following
     RT_SiteConfig.d changes (Closes: #862426)
   * Improve documentation for Apache configurations (thanks to
     Michael Howe for the text)
   * Add support for dbconfig-no-thanks opt-out (Closes: #854789)
   * Fix multiple security issues:
     - [CVE-2017-5943] CSRF verification token information leak
     - [CVE-2016-6127] XSS in file uploads
     - [CVE-2017-5361] Timing side-channel vulnerability in password
       verification
     - [CVE-2017-5944] Remote code execution in dashboard interface
     - Add check for incorrect RestrictLoginReferrer configuration setting
   * Work around a DoS vulnerability in Email::Address (CVE-2015-7686)
Checksums-Sha1:
 0cbb3336b62aa5bb310032aef7b005b7de6635ea 5476 request-tracker4_4.4.1-4.dsc
 616c6c6ab9cf0f324d2b6872c45e60972e3c69db 83876 request-tracker4_4.4.1-4.debian.tar.xz
Checksums-Sha256:
 d7da4681069dd97d3e16c3e789594d7162a6181b567b28f030ea2c32361dba3a 5476 request-tracker4_4.4.1-4.dsc
 efb4124bcd99375d12caa6ec26513a9cfc8b7724d3fc008c7019b433d89e247f 83876 request-tracker4_4.4.1-4.debian.tar.xz
Files:
 db2370e39323840af44dcbba233ac7f9 5476 misc optional request-tracker4_4.4.1-4.dsc
 ee1e5d5d01f2c6edda9ff8b54a2c341e 83876 misc optional request-tracker4_4.4.1-4.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJZQcGjAAoJEMAFfnFNaU+y2qoQAOMoxlTyh2UkVSoG9ru5tAMy
5mGaIL0340aMUIbAUc+seI7ICtuqxSATmMU34yPkXpDj+B1TEOBtatbEYWe0jkhf
DKNLEJwSPuW/7LBpd/mJD9PbiGHx0BCfO+38D8f9bk4dFWTc59mhpK2QV5N91Pzp
1Bjm5trcTF8Owf5yIHPhhf48PiC8PymlWT4eofhgZ+Ta/uTm3JE1YbJvjmz7mprB
UhwF06o4AnQikeL9En6uyqQAUXuY9tvad520x6SPe8H29EMgLOeCca6jI5XHjx/m
K97arhDaYrnv8cs6HEx7eA466QJh2f1VtGxBJERniG1YpBxVq2zaZeqHH08Uckrp
oVWAoSsLrBeDiqrRx1WOlCCPX3sj1UR3wLJIbsrYC64cthpaBa9q2OlgpRygQ2l9
c6usiqRz+IKSf/AVxes3+5BBfcYd76plvH3U/DxUTJSQHLuMFsimghSSCsoub0mZ
Nc9B5e7kH1C0M2gojDJDjbWhe6ZeUAUlskzXn9lSOdKj0Ca/j8jcYfTIZq7efJbr
JxYdWNiBhxYGGNT1EhcQ9bSZpLRBT0gMdlh3v3aieqd1f8ATsd+Tko+5g2wx3yjw
LMvEkucti0C/xQAd+9etDPB+2Bg1M4Bu9gP0Gnsuc+zKWsiQvZhTNUg8sfHta3Pa
0lQrVqhoWQ+Ld6jfpUhG
=HY2L
-----END PGP SIGNATURE-----