Accepted request-tracker5 5.0.5+dfsg-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted request-tracker5 5.0.5+dfsg-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 29 Oct 2023 09:51:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: request-tracker5_5.0.5+dfsg-1_source.changes
- Debian-source: request-tracker5
- Debian-suite: unstable
- Debian-version: 5.0.5+dfsg-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=0kVo19sJoW9socmXEpOsGkVSpGNw3vibAB2+B+Qau5Q=; b=Ubw5pmtxNfWhNoKUrYJwyLLxvJ iqhXrDQtnPtNOy7X96yCM9AbfXXNS3u76a6QDcLn1BlQsxgAWNQ0gwotrvlwlAfbIXkeln2GhvEUr v65Eo3RACaQgKLbtDTDgM9PocUfTvKLtbdroVsbJ7GqCcJuIfgd5jR2k1cwBxnc1MSs6ojC52t7K9 PAF7f6+CP8Sy26WJCUVNHC5TLDDGqMZDHXR1BokCOfWK5KGLWAv1RQkuOt0l8dRQfCghvCED0J+oO UijkwYhAnm9yfSItyUSxDs/mbYvHAucxlRKr3gImqqgteVXnic2nr27UE65dS4p7B2bmd0Icig/Aa hKWJzD2g==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qx2S0-003jyM-OV@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 29 Oct 2023 13:42:33 +1300
Source: request-tracker5
Architecture: source
Version: 5.0.5+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Closes: 1054517
Changes:
request-tracker5 (5.0.5+dfsg-1) unstable; urgency=high
.
* New upstream release (Closes: #1054517).
- [CVE-2023-41529] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41620] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
- [CVE-2023-45024] Information leakage via transaction searches made by
authenticated users in the transaction query builder.
- Reveal information about data on various RT objects in errors and other
response messages to REST 2 requests.
* Drop patches no longer needed:
- Update-expired-certificates.diff
- Update-legacy-timezones.diff
- install_rt-clean-shorteners.diff
* Drop patches merged upstream:
- fcgi_client_sigpipe.diff
- fix_pod_rt_munge_attachments.diff
* Add autopkgtests.
Checksums-Sha1:
51eb2a2620e90fed2c7f5a440b702c76226a260e 6262 request-tracker5_5.0.5+dfsg-1.dsc
fc77d6d5b743c92a65edd55e3a51dc02494b7c0d 3271862 request-tracker5_5.0.5+dfsg.orig-third-party-source.tar.gz
b94ac7c237d108da79474f0250b83f92c6607a78 19055361 request-tracker5_5.0.5+dfsg.orig.tar.gz
83547a7ccc587e1801af355d7ff333a682bb3ab3 488 request-tracker5_5.0.5+dfsg.orig.tar.gz.asc
dbc079772f81664c8283af82d0b945ea9c240dea 144360 request-tracker5_5.0.5+dfsg-1.debian.tar.xz
8d97778f2b5a319183c0721f0b1e659f739ee4a1 23662 request-tracker5_5.0.5+dfsg-1_amd64.buildinfo
Checksums-Sha256:
edc7c567e7247e5eeb24e3da1a299f552705f41b13ac44b0c519fd3a44c28233 6262 request-tracker5_5.0.5+dfsg-1.dsc
420ef039ded33e2a9b75a092a867ff4510d6da0725471427abcabbfb6aa66bf9 3271862 request-tracker5_5.0.5+dfsg.orig-third-party-source.tar.gz
90f845daaa436198c334b6e9cf5afb1df9f4445dcc165d0bcae35de9eb9be8ef 19055361 request-tracker5_5.0.5+dfsg.orig.tar.gz
0c6f256434ae9d18e08e5267ae0dd6af817378c48a01e9bdc49a7cadbe43c47a 488 request-tracker5_5.0.5+dfsg.orig.tar.gz.asc
8c8ee28536477cb2049e3db873c2a45526397306d8f6c03e5288c0856559447d 144360 request-tracker5_5.0.5+dfsg-1.debian.tar.xz
f0199ad2a500568ddc8cf7ef8d166ddc586509b3aeb7c4cd8a61324df01570a6 23662 request-tracker5_5.0.5+dfsg-1_amd64.buildinfo
Files:
5da7fde44dffcf333efc1695dfcbc143 6262 misc optional request-tracker5_5.0.5+dfsg-1.dsc
679ce43ff1559c1036b1cdb0864d8473 3271862 misc optional request-tracker5_5.0.5+dfsg.orig-third-party-source.tar.gz
01a9c4c82fe05e890db36e78f3a4c935 19055361 misc optional request-tracker5_5.0.5+dfsg.orig.tar.gz
ba15b59fe30b44e49b58d9d231d66999 488 misc optional request-tracker5_5.0.5+dfsg.orig.tar.gz.asc
d6c7680270710afe3c72b0c5ac21255e 144360 misc optional request-tracker5_5.0.5+dfsg-1.debian.tar.xz
f37095806cee3cf3fea80e11de280cb6 23662 misc optional request-tracker5_5.0.5+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmU+CYoACgkQS1PZMeTT
6GMoFw/+O2M/uA6OAtbXE35w+7GXtu44WBwtl41jP43o0qSUXz+iBDaRVA60+YHD
zlI7ufQXDWzFuD0H2Uaa/u020c5oraGAu0yFI3unsXZrBTF0ZVs6Fl342FrbOspJ
PqOdTvdJ6eTNFG0yw4B9ivyU6D+QA1h8k1yL+tG8wFcrGFX90j5OiW0lTk7d8ry0
pZMdmnciSIVXAucfLLS42etcmVumW4O8wEoAkg5d5hZUDNaEONaIRekZKEUheH3Q
76AUeEfj/BNFdmOFr+4dQA1zZPLjdw4hwB0t8Wf2SUy8atnWoOklGQhjZkzg/eI/
SzSlso4vnFbtzDHdqMzk23G9mFecaCVxJTBGhJYcefC3IUje/SPvLTsqtpZ2LabQ
qlsSqOXY9tQuUHpPmD6dhzs3HsoQvMbiy22/cqR/RtkjHBTljhWmnS9bbbHAeY8y
TDce7cRFhGCS6gUjqB91oM/mF131SN+EXhVCWCcuYU0m1pUdKlJCj+q+3QGHvAHe
81TiMKvxjtCHy3REvr/SyJGq7bXaXLelTai/hK6lqlaESRHFe9kDjizcONlfi/oI
2iBCqMaAxhD9aVrjQJglK50ietFRSHZBlL97ThX1RfwWTf8OOX2aUilKlo/2vx9N
9ckQ7U24B2AnHzuXrGaw39g8iZjh6ILZxOsANqqIX8oelEkS6d8=
=lYFY
-----END PGP SIGNATURE-----