Accepted request-tracker4 4.4.6+dfsg-1.1+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted request-tracker4 4.4.6+dfsg-1.1+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 04 Nov 2023 12:47:12 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: request-tracker4_4.4.6+dfsg-1.1+deb12u1_source.changes
- Debian-source: request-tracker4
- Debian-suite: proposed-updates
- Debian-version: 4.4.6+dfsg-1.1+deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=tfhEePA/fLGIV9IXATD0Sl9puDYJntbRacYsGAYShUM=; b=Zy2WeX9HhtNHG34DjAbDFX0GXd HuBqE/p8JgtkLt6WvdOh6VrJmV0W4MyLa+p+MPw0vgdTq19NnOWn5LRAfeqrMMO3/V81F/CgGAHpj 5Yt9UZMU+cAurQc9TufTNRcU+famt4V0lan750LRNXE85wSFuwwZI8GtT08f6hDvfmyyUBx9zUlBn V75nHwT85isibJRmyb6Vr12FaBd+zQU9JiW4QTZJ3yOKs7xQkDkTAf8DHoD5jZVXiPpsWVSu1FSMv jQnboRQO7rAKNTCRThnp8nGk0ezLiiVeErSYHwIPXw06jTbxRYRtjPb9Iy/TPTH/tL+G+rwd47DID phoiT+Lw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qzG3U-001I8K-Vu@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 25 Oct 2023 22:32:15 +1300
Source: request-tracker4
Architecture: source
Version: 4.4.6+dfsg-1.1+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Closes: 1054516
Changes:
request-tracker4 (4.4.6+dfsg-1.1+deb12u1) bookworm-security; urgency=medium
.
* Apply upstream patch which fixes several security vulnerabilities
(Closes: #1054516).
- [CVE-2023-41259] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41260] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
* Replace patches from 4.4.6+dfsg-1.1 with git-dpm managed patches:
- Switch-to-Test-MockTime-HiRes-in-date-api-test.diff
- Update-tests-for-EN-datetime-locale-change-to-space.diff
* Add upstream fix to tests for FTBFS due to expired certs.
Checksums-Sha1:
afe55f037df3622f6f6946852885a9d5eb13851c 5978 request-tracker4_4.4.6+dfsg-1.1+deb12u1.dsc
a94cec5d6a6068fb07b8545343400a45b13214e6 3175260 request-tracker4_4.4.6+dfsg.orig-third-party-source.tar.gz
42047a4f7dc71c6fd51749c82aed3d6c3364f32a 10783318 request-tracker4_4.4.6+dfsg.orig.tar.gz
605eccf4536aa753c59e8daae593db36cb396050 455 request-tracker4_4.4.6+dfsg.orig.tar.gz.asc
ea61808acbfb7b74e28ad46220227254bf9c35a8 148136 request-tracker4_4.4.6+dfsg-1.1+deb12u1.debian.tar.xz
5c67a48f2d3d548998f8fecd55b400096306c8b7 20758 request-tracker4_4.4.6+dfsg-1.1+deb12u1_amd64.buildinfo
Checksums-Sha256:
1a7e17f215a9ba9b4066c09b5b05c37dc33391d36a62cc3bcf7a42400ef59675 5978 request-tracker4_4.4.6+dfsg-1.1+deb12u1.dsc
c60bce0df49c477ae50f61836dccdfd63a2bd6abb696e093688c15be7f0966a3 3175260 request-tracker4_4.4.6+dfsg.orig-third-party-source.tar.gz
1eff5bd9e556b5d6682ccd0e5b2f3dcc2c49a9ec4e215dadb90c4caf5e435e9e 10783318 request-tracker4_4.4.6+dfsg.orig.tar.gz
f93cefaa0c4d5047118168aa2212752fe4e5906d8696bcf8fc287a2345b53a71 455 request-tracker4_4.4.6+dfsg.orig.tar.gz.asc
f0dc53e9295e5133159fbc83e0a90944bb15d8827d5a38e52155d775388af4a6 148136 request-tracker4_4.4.6+dfsg-1.1+deb12u1.debian.tar.xz
b3ecb084fb10c2fb1d5673f0c1b15f23c07b16a878086cef0e506dd263d4de16 20758 request-tracker4_4.4.6+dfsg-1.1+deb12u1_amd64.buildinfo
Files:
4fb5f923b7bc49c675568277301ebd9f 5978 misc optional request-tracker4_4.4.6+dfsg-1.1+deb12u1.dsc
1fe827bf2c3d69960d70627209c49b9d 3175260 misc optional request-tracker4_4.4.6+dfsg.orig-third-party-source.tar.gz
a34cde135dd5407df89d4a7ac752252f 10783318 misc optional request-tracker4_4.4.6+dfsg.orig.tar.gz
22d6678e6122cbdf290bbcc7d66ed6ca 455 misc optional request-tracker4_4.4.6+dfsg.orig.tar.gz.asc
92ebc10c25310952bf2d1ac634a1d616 148136 misc optional request-tracker4_4.4.6+dfsg-1.1+deb12u1.debian.tar.xz
83fae7898d7c56b0dd457362122e38c1 20758 misc optional request-tracker4_4.4.6+dfsg-1.1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmU/djEACgkQS1PZMeTT
6GO5exAAnGLOpXKurMm22kd5T1jTqbENA35Rjt4UKJWFyqmV0FimNE1AQCsu18sy
Wf0eFYleiqriYq+xNlJvR4vcfeqj3wweKs2Vz6jwGsfFPPMY7w16OHUirms/C3cu
wRfsNgEYeBN/ymT6C01bzjz/PubeuELqEWzHSAeKl1uoYgY2U0Ir1EIhr4DM+tdh
nPQSo6diXPy578fkMg6MdTbJwujIIOkSAIRgPDKfGHUIeAZdU3hHwATTqjxtU1gD
xRjPnHtwfNlunvUe3q4qoDoDl0r167lqgoMsQZ47WrzyM+vgDuWrFWjLNbChd8R9
Rm5dDdT7zbKsNIjc7ha/OzLsISUSWbCeT0M0IiGDYiczEgpJC2z5FhqmUSquWbIw
/gE18ZvvqLcoZAUcPmNATBYaXK5APIHNGpnBHznf5Eg7Mk9Pp9votS85Ik8P1Jlv
0PbhD+YzoQDsl2c+K7dgpEqLuLh719ldr1V7M/hVco2Cjwl7pkomAfSqSBObgr2N
Kl693uhdfFWVFa8k+9okPnJX4IHu2QkmrtZH9XSIhOs78l2t5AEIaiExFE76UFbd
4YsDSEzckEXqR+u+Xk4j0hclDM/jaE1+XZ34+bwBw7mxxJzUJnkwmrKbIqsllp/i
OzRNR5U49MIBDgH6FfJR3k71EAEPRvYU+WObDiEp/edefzY7Sic=
=KBJo
-----END PGP SIGNATURE-----