Back to request-tracker4 PTS page

Accepted request-tracker4 4.4.3-2+deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted request-tracker4 4.4.3-2+deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 15 Jul 2022 12:17:33 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=Ve3ikuViyMTuu6HDkNJwhTSvSJzvpOdZve94sAYX5dc=; b=O9zRr7Uv2Hn13+4mshCQSvs6Dr 8qP52TsXMqvnY0APqzCcAMV8YacrarpfRCfvAtqMKSqP8CRvXKbY55TCTyQ5AEEHlkp0LnTRmwhSP kYxFa9FtE1FYFt9uf0CK/8JsHp6Rzrjws1AMixMs+JQTGq39jq1WiGSFq2+e9/MUso0uTxXgqi/AC KFp1BCND+ZUXQDpUZin7RKx7hbuTHPdt1qc/IvbAugEU9Z+cl73TNVf/0AZSA1HX4PoKpCcznEugO JQWqRBg1qZ8N5h2F/Zc6qQ60CMIhvtRwQe2yCfH4Fwbq32lT7l4Eqdr+qa1QrTZFPBeNm5EwB/eqd xxvzP3Fw==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1oCKGD-0000hA-Qn@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 03 Jul 2022 20:09:25 +1200
Source: request-tracker4
Architecture: source
Version: 4.4.3-2+deb10u2
Distribution: buster-security
Urgency: medium
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Changes:
 request-tracker4 (4.4.3-2+deb10u2) buster-security; urgency=medium
 .
   * Apply upstream patch which fixes several security vulnerabilities.
     - A cross-site scripting (XSS) issue when displaying attachment content
       with fraudulent content types. This vulnerability is assigned
       CVE-2022-25802.
     - Not performing full rights checks on access to file or image type
       custom fields, possibly allowing access to these custom fields by
       users without rights to access to the associated objects (like the
       ticket it is associated with).
Checksums-Sha1:
 0889b99b315da05f05827ec61cff1036f2ddabe0 5542 request-tracker4_4.4.3-2+deb10u2.dsc
 05d503c63faaf7078e55ecc0304e7d30532e0f06 1132743 request-tracker4_4.4.3.orig-third-party-source.tar.gz
 f25411cfd742eabc8ef150e3cd7d429a53cc6705 9584927 request-tracker4_4.4.3.orig.tar.gz
 3c3dbaa74296b40c08677ff2919f2517c095d6ac 80396 request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
 fe03e6a8af028871c340cc0bc44a9232773cd591 18974 request-tracker4_4.4.3-2+deb10u2_source.buildinfo
Checksums-Sha256:
 e44ad0eed32d79f0a677f46b7fcc8b1c2ccb7e31ce33ad35c437569df3bab0c3 5542 request-tracker4_4.4.3-2+deb10u2.dsc
 e429e3319881fed1fe4aa53bf3384a34ee1eb5c60a71f908dbdabd662813b8fc 1132743 request-tracker4_4.4.3.orig-third-party-source.tar.gz
 738ab43cac902420b3525459e288515d51130d85810659f6c8a7e223c77dadb1 9584927 request-tracker4_4.4.3.orig.tar.gz
 1c2aaa61c45e8bfce83a32853a04fe0df68858243e0832dfa439cd8b58de3ada 80396 request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
 275b3f48902ed4458adb2b13b85d4dcf9e5c6bc67bcd43c247fb491663616b71 18974 request-tracker4_4.4.3-2+deb10u2_source.buildinfo
Files:
 6119ece8ac217b8db9b89346dce9959a 5542 misc optional request-tracker4_4.4.3-2+deb10u2.dsc
 5df546015e52215c338bcee5c02c4206 1132743 misc optional request-tracker4_4.4.3.orig-third-party-source.tar.gz
 b30e71b60651c76af2a801ea48a89df0 9584927 misc optional request-tracker4_4.4.3.orig.tar.gz
 3e9d347b89262dbe7ba9b44afd90074f 80396 misc optional request-tracker4_4.4.3-2+deb10u2.debian.tar.xz
 067b111fe64025277625cdf4366d5be5 18974 misc optional request-tracker4_4.4.3-2+deb10u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJBBAEBCAArFiEEy0llJ/kAnyscGnbawAV+cU1pT7IFAmLOtg8NHGRvbUBlYXJ0
aC5saQAKCRDABX5xTWlPsjvYEACf23LqssueR4IhHvmW0F9vSpWBOPZniJq8Mi0G
r7rcr/1zP3ep4grXpjlA2hkqx/YwFW/vlJhv91wuGTGATNQfGKB3EjHTXsX1Jv8t
j7v+V8XiV9sU20sNZLPOQIYJpUD7yWlkkM4RKXBCbnRTaJphaxPNGy++Iho25itR
PTRZRe2MHswbjJ/UqbWh7b7+xZXyvlpAxsI0tosBWGg7+ONrxBoklffe8YsHaYl8
1QgFhnQiz/Gz7yG+sUH9L6cvu/nEiKhiFyQd5ZFsKgn6kzskfx6dgHccPxcdszO/
yWatauLKToOsXkhEA9yYRIkSkYrHFjPted/4FxQ/sN4Z6juMH0qmgyI51v9zicxf
kXy+6x9dZMCM0vKApe7pKHSCf9jd2Wrc+UlQ7G9A4P5UO9kqPbgRPwMCHlT1Ygxy
hoyiHr69jrZQE/zQduEyNaEMZBTuinyZa8xK0RQqkoUHXk9kfOsgBqOATqRGEuNT
k3Oqk55ObShTK0VdHG3uCJ9zzYKpPSbbRmxWPoNRkEJ+VLvPSuSZhHiR2gba2kIs
QGNM4Npp1blbc1ORDh42OaoxdjfnBStACqW2AyUTM2zrMty3cOIjb92cyq7nA0Ru
DLPRQj+/0N4M+HHdKh/Cjd+uQvZbH+J+P9DLHgilTdnROwJc94lkU8k4K6wJPItv
0ZnvUA==
=NW+l
-----END PGP SIGNATURE-----