[ubuntu/maverick-security] request-tracker3.8_3.8.8-4ubuntu0.1_i386_translations.tar.gz (delayed), request-tracker3.8 3.8.8-4ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu May 5 19:03:48 UTC 2011
request-tracker3.8 (3.8.8-4ubuntu0.1) maverick-security; urgency=low
* Security fix: support salted passwords in database and upgrade
unsalted passwords (CVE-2011-0009)
* Security fix: fix information leakage in scrips (Closes: 614576;
CVE-2011-1008)
* Multiple security fixes for:
- Remote code execution in external custom fields (CVE-2011-1685)
- Information disclosure via SQL injection (CVE-2011-1686)
- Information disclosure via search interface (CVE-2011-1687)
- Information disclosure via directory traversal (CVE-2011-1688)
- User javascript execution via XSS vulnerability (CVE-2011-1689)
- Authentication credentials theft (CVE-2011-1690)
Date: Tue, 19 Apr 2011 23:20:25 +0100
Changed-By: Dominic Hargreaves <dom at earth.li>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/request-tracker3.8/3.8.8-4ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 19 Apr 2011 23:20:25 +0100
Source: request-tracker3.8
Binary: request-tracker3.8 rt3.8-clients rt3.8-apache2 rt3.8-db-postgresql rt3.8-db-mysql rt3.8-db-sqlite
Architecture: source
Version: 3.8.8-4ubuntu0.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dominic Hargreaves <dom at earth.li>
Description:
request-tracker3.8 - extensible trouble-ticket tracking system
rt3.8-apache2 - Apache 2 specific files for request-tracker3.8
rt3.8-clients - mail gateway and command-line interface to request-tracker3.8
rt3.8-db-mysql - MySQL database backend for request-tracker3.8
rt3.8-db-postgresql - PostgreSQL database backend for request-tracker3.8
rt3.8-db-sqlite - SQLite database backend for request-tracker3.8
Closes: 614576
Changes:
request-tracker3.8 (3.8.8-4ubuntu0.1) maverick-security; urgency=low
.
* Security fix: support salted passwords in database and upgrade
unsalted passwords (CVE-2011-0009)
* Security fix: fix information leakage in scrips (Closes: 614576;
CVE-2011-1008)
* Multiple security fixes for:
- Remote code execution in external custom fields (CVE-2011-1685)
- Information disclosure via SQL injection (CVE-2011-1686)
- Information disclosure via search interface (CVE-2011-1687)
- Information disclosure via directory traversal (CVE-2011-1688)
- User javascript execution via XSS vulnerability (CVE-2011-1689)
- Authentication credentials theft (CVE-2011-1690)
Checksums-Sha1:
cbbc0b4097a62e079a8d485b14d2b56265fb2ca2 2359 request-tracker3.8_3.8.8-4ubuntu0.1.dsc
f773b51ca93f4d1e4b9081050d7026fdcb02a11b 81322 request-tracker3.8_3.8.8-4ubuntu0.1.diff.gz
Checksums-Sha256:
34b8b22e782682bd3308954a71e17fa5caadfc0ef17624504b99716fa64cce61 2359 request-tracker3.8_3.8.8-4ubuntu0.1.dsc
f0d3c1b62720ce2cf05269b73adaca42d66b5a0f39ad59b2b302e8597109ed90 81322 request-tracker3.8_3.8.8-4ubuntu0.1.diff.gz
Files:
a4cb7ede241ec25e1fe57e7bfa5920a1 2359 misc optional request-tracker3.8_3.8.8-4ubuntu0.1.dsc
26d62a8ef381283b9638ba2c1e558fc0 81322 misc optional request-tracker3.8_3.8.8-4ubuntu0.1.diff.gz
Original-Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers at lists.alioth.debian.org>
More information about the Maverick-changes
mailing list