1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted request-tracker5 5.0.7+dfsg-3 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Sun May 4 09:00:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sun, 04 May 2025 17:51:52 +1200
    Source: request-tracker5
    Architecture: source
    Version: 5.0.7+dfsg-3
    Distribution: unstable
    Urgency: high
    Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
    Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
    Changes:
    request-tracker5 (5.0.7+dfsg-3) unstable; urgency=high
    .
    * Update Standards-Version to 4.7.2 (no changes).
    * Refresh d/copyright.
    * Add Catalan translation, thank you Carles Pina i Estany!
    * Apply upstream patches which fix several security vulnerabilities.
    - [CVE-2025-30087] Vulnerable to Cross Site Scripting via injection of
    malicious parameters in a search URL.
    - [CVE-2025-2545] RT uses the default OpenSSL cipher, 3DES (des3), for
    encrypting SMIME email. This is an outdated cipher algorithm, so the
    default is changed to aes-128-cbc. In addition, this is now configurable
    so you can pick an alternate cipher now or in the future, or revert to
    des3 if needed for compatibility.
    - [CVE-2025-31501] Vulnerable to Cross Site Scripting via JavaScript
    injection in an Asset name.
    - [CVE-2025-31500] Vulnerable to Cross Site Scripting via JavaScript
    injection in an RT permalink.
    Checksums-Sha1:
    0c15a386033a27cff58eb1a3d9ea700f84fcdda0 6012 request-tracker5_5.0.7+dfsg-3.dsc
    f778b63fb2ae3ffd44630f8801911f076b1d5708 128852 request-tracker5_5.0.7+dfsg-3.debian.tar.xz
    26850e42eeee9de6abe19ccbbd59cb0bbba46542 24339 request-tracker5_5.0.7+dfsg-3_amd64.buildinfo
    Checksums-Sha256:
    180ee3aec09ac00371b0c323472b504e278f7eee36c98212ff2ad6d3b43f8f96 6012 request-tracker5_5.0.7+dfsg-3.dsc
    5e9f2739a28ed53c0695acaf44a8095e819daac6b338401afd90a18cd4f12a5e 128852 request-tracker5_5.0.7+dfsg-3.debian.tar.xz
    003371aaa8e919c768ddf16b3849c5b2986d179484e0339cc37c818beb7dbed8 24339 request-tracker5_5.0.7+dfsg-3_amd64.buildinfo
    Files:
    fa00bbf77f42a33cb56437aabafd2085 6012 misc optional request-tracker5_5.0.7+dfsg-3.dsc
    5164d94cb6a64181afa651955c435bb2 128852 misc optional request-tracker5_5.0.7+dfsg-3.debian.tar.xz
    9e8bfa0dfb0e1b6bdfcd1f0a9a859400 24339 misc optional request-tracker5_5.0.7+dfsg-3_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmgXB/oACgkQS1PZMeTT 6GN5/A/+MrmnZHkFjzLXUs6Fh4V0jfJWivNZCnI5XmKMQQY1Dp+zVy8ac9AzD2ij 6LjNqIcFZeJILPz7tjBCJCcgZtPFoNQ4pVpjR063xvZd3CUeIzWI7gsoSQ74AXtq Sx7cOnuEhL5g+ILNR3ThLIzvGo0YAz109xDAtGpL4sVwB6mShxcyci4HFXQ3S0/w wAgfw67VY3HYSmdPWz7dZ/QjjgDaqnUmZemf2XAMmIq0MwklvvFvVCCIH17qBzte vRvB9N31Tahd8wQWKiNCbhotrRo6eqwlYBJE3A51SFwOAeOjkdo3kdv24Ccco0Ja s987qjHILSfLd/qpiIVlk1XHzBwf/pBUWNs+FeFt2xfvB4UWwHhz3qhrs+R6fzlG usjqkYrYH2cl5j008D2TrVS1dG8fo7AlPeNl97PZtWD5DBeIgIWx22mqa1C+M1Bn qhUBxi77KtSVBN3BHcONjdaXpJjNMVpEvRRqtNplU7f1M+I5paQCniIS4lPNWKDj bN8LG3zLiAdlvE/XWBLej02X4q6OaiDfWhW3C4pyv6+P+QAppEH9s8aq3MhhKrrM 8kXSE6VjMlv3IZuDBcp0egqMkBgaOFCQmNDfGuRy83Jd89GpPmJZlO+rroJQWlyM Ok5nz/x07gdcVmq/UOeNRisSWXQ2Zj2uoGTMKoR7lAA/zXN1UOA=
    =TSui
    -----END PGP SIGNATURE-----


    --==============i64705757495747913=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaBcOWwAKCRCb9qggYcy5 ITn9AQCZR3yOpKtZOckCdMLUsTM3HO3+fDxzCoE2aW8Vzs+orAEAvr2aG7qyeIqK jvmiSjeHILeVWvEmfahSjxX/cFwAPAs-m2
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)