[request-tracker-maintainers] Bug#674032: Bug#674032: Fwd: [rt-announce] Security vulnerabilities in RT
Stefan Hornburg (Racke)
racke at linuxia.de
Fri May 25 06:54:40 UTC 2012
On 05/23/2012 02:20 PM, Dominic Hargreaves wrote:
> fixed 674032 4.0.5-3
> thanks
>
> On Tue, May 22, 2012 at 06:43:13PM +0200, Stefan Hornburg (Racke) wrote:
>> package: request-tracker4
>> version: 4.0.5-2
>> tags: security
>
> <snip upstream advisory>
>
> This has been fixed in 4.0.5-3 and will, I understand, be fixed in 3.8
> via a DSA later today. Source code to that update is at
>
> svn://svn.debian.org/svn/pkg-request-tracker/packages/request-tracker3.8/tags/3.8.8-7+squeeze2
>
> (Note: viewvc is broken for pkg-request-tracker SVN, I suspect because
> it's showing an obsolete CVS repo instead).
>
Please note that the security patch (for 3.8) seems to be buggy:
http://www.gossamer-threads.com/lists/rt/users/110225
Regards
Racke
--
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team
More information about the pkg-request-tracker-maintainers
mailing list