Accepted request-tracker4 4.4.4+dfsg-2+deb11u3 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted request-tracker4 4.4.4+dfsg-2+deb11u3 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 07 Nov 2023 21:18:08 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: request-tracker4_4.4.4+dfsg-2+deb11u3_source.changes
- Debian-source: request-tracker4
- Debian-suite: oldstable-proposed-updates
- Debian-version: 4.4.4+dfsg-2+deb11u3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=sW0gS3P+AOAVtHoUegWgeOQiRzs2fvPzm/XBuGnLmZU=; b=raH91kOdGT6vIvdt69dNjiX7un ERpiXQq/cffm8MFTxeOIjQj7fySznNeI4CCmUXv+5hfUGZARNrtVPWhGkSYl4CXrcsQxbGTeLW9w2 AQHtFO/YC1g85Qfg9Fb1EXGcxIKD2VJUSIJQkOlqDL9+ImfSfwzMxpeR9IE2hgo8SXWMBqaY1mjrR 2z6WxmvhrD8HAFK7rRVgzwqFFQ+F4W5MWuSvS3517QOeCX28V9z6HtGc2O/J8YEyeM9PBz3dalCcE 1rLGuva7dDUxQdb4moikKhkrRAX4F8BafRcp8JfVbkDWEDrNxmU/y0p8l6P/T2uwKDN294WNiCb+u jFQb2mOw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1r0TSa-000dJO-Qd@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 26 Oct 2023 00:06:57 +1300
Source: request-tracker4
Architecture: source
Version: 4.4.4+dfsg-2+deb11u3
Distribution: bullseye-security
Urgency: medium
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Closes: 1054516
Changes:
request-tracker4 (4.4.4+dfsg-2+deb11u3) bullseye-security; urgency=medium
.
* Apply upstream patch which fixes several security vulnerabilities
(Closes: 1054516).
- [CVE-2023-41259] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41260] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
* Add upstream fix to tests for FTBFS due to expired certs.
Checksums-Sha1:
0e2257e75ae282fa6b9e4b00c0af14297c749f04 5572 request-tracker4_4.4.4+dfsg-2+deb11u3.dsc
c953d67fbbec554f50c2f88ee36a980cb90eacdd 151836 request-tracker4_4.4.4+dfsg-2+deb11u3.debian.tar.xz
eae0e6b6f4ac93a97cd4ca040dc9be66c08a50a3 20043 request-tracker4_4.4.4+dfsg-2+deb11u3_amd64.buildinfo
Checksums-Sha256:
0005fb0da6c7a20d98961f90c8c556e3da6473bf430b1a41d96dc5053895df6e 5572 request-tracker4_4.4.4+dfsg-2+deb11u3.dsc
033fe7a8d73a70b0abc97d0402b4c75e486fa042c9c63aac1f7ca1c82e599014 151836 request-tracker4_4.4.4+dfsg-2+deb11u3.debian.tar.xz
4e0aebf585525e6efe523ac5c633a21373f2b2b30799bf0c0ccae1dd9621476a 20043 request-tracker4_4.4.4+dfsg-2+deb11u3_amd64.buildinfo
Files:
bb25782f871c8aee9143bf200503b059 5572 misc optional request-tracker4_4.4.4+dfsg-2+deb11u3.dsc
5c9725ca3d69d1d73e3fd143df95fd09 151836 misc optional request-tracker4_4.4.4+dfsg-2+deb11u3.debian.tar.xz
b8c0b2cb6edaf4c230554d0e66a1f4e3 20043 misc optional request-tracker4_4.4.4+dfsg-2+deb11u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmU/d4kACgkQS1PZMeTT
6GNigA//W4Is/Ex+bBGs35k7+RcabFTBZqbT7FUdSX3MF/5785MxtLkwA96rv53c
tcF8xQ5zFjqFmtgGpL6q8ZLP7miErq94iy5X7RAf/dIun2GkzSxPIt713LkRpeAH
Jn9NljRCFKjpvSVWVOGYi96aGF9qeCs53AIzI25NydIyl646IDjdF/ggzSN4vXi4
nbU2hT5m2w/XOUeSKqBecCi6H15J6CCkdYoLSHkDtlEJbrESb3VtaLy/Owv9/oGx
hVdlnGVcCqtBZIudiooeVISJh0P5H3UFCbyuaB0NV3hXNnablivwM/X06NjpN9xa
MFsgrMtjJBJ6l3ImgkMJSGFSD8AINwClhKphsZOMwBDPTAuStFcYwf5NAY32xlny
JZ8k/B4ZRfnh11HH9CZlrMjx0twORDfwrzyvY2IJ3pRzTxtp42S3QBNkMaPWImhV
uZcl9CnjYDdmQgGCt7y7JU+F48JMsLT2dZKusBlYQibpGA/SfQ+HtKZ2LwwgbN5V
DN2Z0Y7m88XEp9mmRvEW32BYgBoHo1bKY/oMFMtFHCjh/v1GGobw91HrPQStHdOJ
I2lwPgX2OHQxbFxXAt/aj2ucJXTVeLdwI45aWWm6D/7Wl9p0VgJ5uCp9wzCuyrkD
sW/Qp0Bx8ESweU9iLq5d4QVzaXm9cDxVpauWUFQlrVKar55Cx4A=
=/MkI
-----END PGP SIGNATURE-----