Accepted request-tracker4 4.4.3-2+deb10u3 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted request-tracker4 4.4.3-2+deb10u3 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 30 Oct 2023 21:10:29 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: request-tracker4_4.4.3-2+deb10u3_source.changes
- Debian-source: request-tracker4
- Debian-suite: oldoldstable
- Debian-version: 4.4.3-2+deb10u3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Fxfb4j0910c7Lr/focQXmgkvvmEtSrSXnR/ij4rRKqE=; b=FxNtELcHQXDY416o2xkZwnPEKp Uxw5skhfoAKYcdufDb7bCsNIH/VWFRU3xXDCRSoXLXOLn0ZMCigwF8A+4itVn5sAQDHQj/lT+9NWG EYZs/KKsXbW+2EBrOHQuphH+zFP8+gKra93s7Tcivj46jEGefobW3mOL+ZzfiKWUxF1y7EFk+9HCp SOCd1MIKKXghBOg2/xed/aysz3mlLWpOdFSydsprrA1MwKB8Xb0mqGm7eFn6vxZtM1ygftKGh7d3+ PJFnypw9NzLjZe2mLTs/mCZkTXs+GibvH0hT8iHak8AhvlUpZaQP3LSz10LfHahPhQxyyB4rmE4XQ VuRVr1bQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qxZWn-00EMdy-4e@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 08 Oct 2023 22:41:41 +1300
Source: request-tracker4
Architecture: source
Version: 4.4.3-2+deb10u3
Distribution: buster-security
Urgency: medium
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Closes: 1054516
Changes:
request-tracker4 (4.4.3-2+deb10u3) buster-security; urgency=medium
.
* Apply upstream patch which fixes several security vulnerabilities
(Closes: #1054516).
- [CVE-2023-41259] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41260] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
* Add upstream fix to tests for FTBFS due to expired certs.
Checksums-Sha1:
b90573d9067c8de3ea1f3ce54904640e7fbfe42a 5524 request-tracker4_4.4.3-2+deb10u3.dsc
da1dc0cf0430bee9d58669bc53aea7ed39de6619 143800 request-tracker4_4.4.3-2+deb10u3.debian.tar.xz
a96176b9c8233e4cdb2d521e84cb114a07bdf5c8 19474 request-tracker4_4.4.3-2+deb10u3_amd64.buildinfo
Checksums-Sha256:
2a35012ccb5cf3276f27f9779e1542aa0ccc5ac6008b8e2832c9c7336acb1b8d 5524 request-tracker4_4.4.3-2+deb10u3.dsc
eef5f11e1f89cf701aa81e1ddcf9dbd2aac961409d2af922e967dd41413df18b 143800 request-tracker4_4.4.3-2+deb10u3.debian.tar.xz
98df61f8ba6f3aecec4d3462e805b6a389ce36f6366b6a454bbc5b61c826a1cf 19474 request-tracker4_4.4.3-2+deb10u3_amd64.buildinfo
Files:
eb7e38c132197f2b64604e02fa583eb1 5524 misc optional request-tracker4_4.4.3-2+deb10u3.dsc
2747ed855fe4733f33e915a769d45d50 143800 misc optional request-tracker4_4.4.3-2+deb10u3.debian.tar.xz
78788087abe96b52f735ab790d28b3fc 19474 misc optional request-tracker4_4.4.3-2+deb10u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmVAGM0ACgkQS1PZMeTT
6GMdRg//d+FvjmWVMokcv3YK9UGmXa1E0STYYN0IeTJmYCKKSCzn8N2qwg2t0TRf
SkpsFeq61nfJ5rf5BjSnUQcxnrhvDSFWm7GPnFinAk3hj3kYA7WI/cyNH6lJTn6d
CAG18wSdJW+0QP3ihz/ppCSV+7B7KnqE9kp63HsVqkaDfwxevt/pjubXxFEBsjC2
rH3a+tJY2fmCrCdvPEVA0hR5XVZ71uJdsrYNJ2V72XOK1FDHud6LT8YaEOnLyuL1
JgIHxNkftCSg6SSTfD2qLJ8yF77BcU3OASUizup27f/hT9zF09OrZCDjXzkiHhid
0RluSe2zT1CIi3CdGd1yoJMrimUDVOrxOQ4+FGp0NWvMV11skxu68/MoTdhwL6td
rwajLpcfft8whqq9tOsMQLFN2Ip+MNsL/G36moJclISQAbNYwoJredQ5IBAd6rLk
KORLViJk1oOri8sjczg6KINLX+wKEwKVMe9WGsjc+6zKnQ3euz4k5VK3dubC+nGw
GK5xLSCgZf3dMY6bI9o3kHk5i7a9c3Jvr3JpN/HBHSNm9QlgcGzrBbkznhnOywkQ
H41nRmC4gy6l706dUs0KMC8BD++5XpYiS2cJRXD7C+pEF+hG8icCHl4nN55du1cl
bjXPJ0/G6ZX1DSWlVRw2Ejit7XrAFfj5aQdTXhyTxOV3MKP0gnQ=
=tKdZ
-----END PGP SIGNATURE-----