-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: request-tracker4 Binary: request-tracker4, rt4-clients, rt4-standalone, rt4-fcgi, rt4-apache2, rt4-db-postgresql, rt4-db-mysql, rt4-db-sqlite, rt4-doc-html Architecture: all Version: 4.2.11-2 Maintainer: Debian Request Tracker Group <[email protected]> Uploaders: Niko Tyni <[email protected]>, Dominic Hargreaves <[email protected]> Homepage: http://bestpractical.com/rt/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-request-tracker/request-tracker4.git Vcs-Git: git://anonscm.debian.org/pkg-request-tracker/request-tracker4.git Build-Depends: debhelper (>= 5), po-debconf, libdbd-sqlite3-perl, perl (>= 5.17.10) | libpod-simple-perl (>= 3.24), libhtml-parser-perl, libemail-abstract-perl, libtest-email-perl, libwww-mechanize-perl, libtest-www-mechanize-perl (>= 1.30), libtest-expect-perl (>= 0.31), libxml-simple-perl, libtest-deep-perl, libtest-warn-perl, perl (>= 5.10.1) | libtest-simple-perl (>= 0.90), libtest-mocktime-perl, libtest-www-mechanize-psgi-perl, libplack-middleware-test-stashwarnings-perl (>= 0.08), libtest-longstring-perl, libtest-nowarnings-perl, libhtml-mason-perl (>= 1:1.43), libapache-session-perl (>= 1.53), libregexp-common-perl, libdbi-perl (>= 1.37), libdbix-searchbuilder-perl (>= 1.66), libtext-template-perl (>= 1.44), liblog-dispatch-perl (>= 2.30), liblocale-maketext-fuzzy-perl (>= 0.11), liblocale-maketext-lexicon-perl (>= 0.32), liblocale-po-perl, libmime-tools-perl (>= 5.504), libmime-types-perl, libmailtools-perl (>= 2.12), libtext-wrapper-perl, libtime-parsedate-perl, libtext-autoformat-perl, libtext-wikiformat-perl, libhtml-scrubber-perl, libmodule-versions-report-perl (>= 1.03), libtree-simple-perl (>= 1.04), libxml-rss-perl (>= 1.05), libgd-graph-perl (>= 1.47), libuniversal-require-perl, libgd-text-perl, libtimedate-perl, libfile-sharedir-perl, libemail-address-perl (>= 1.897), libperlio-eol-perl, libdata-ical-perl, libtext-quoted-perl (>= 2.07), libhtml-rewriteattributes-perl (>= 0.05), libgraphviz-perl, libgnupg-interface-perl, libencode-perl (>= 2.64) | perl (>= 5.21.6), libcgi-pm-perl (>= 3.38), libfcgi-procmanager-perl, libdatetime-perl (>= 0.44), libdatetime-locale-perl (>= 0.40), libhtml-quoted-perl, perl (>= 5.10.1) | libfile-temp-perl (>= 0.19), libtext-password-pronounceable-perl, libdevel-globaldestruction-perl, liblist-moreutils-perl, libnet-cidr-perl, libregexp-common-net-cidr-perl, libregexp-ipv6-perl, libjson-perl, libipc-run3-perl, libcgi-psgi-perl (>= 0.12), libhtml-mason-psgihandler-perl (>= 0.52), libplack-perl (>= 1.0002), libcgi-emulate-psgi-perl, libconvert-color-perl, libclass-accessor-perl (>= 0.34), liburi-perl (>= 1.59), libipc-run-perl (>= 0.90), libterm-readkey-perl, libfcgi-perl, libcrypt-eksblowfish-perl, libdata-guid-perl, libdate-extract-perl, libdate-manip-perl, libdatetime-format-natural-perl, libemail-address-list-perl (>= 0.02), libhtml-formattext-withlinks-perl (>= 0.14), libhtml-formattext-withlinks-andtables-perl, libhttp-message-perl (>= 6.0), libwww-perl, libmodule-refresh-perl (>= 0.03), librole-basic-perl (>= 0.12), libsymbol-global-name-perl (>= 0.04), libfile-which-perl, libcrypt-x509-perl, libstring-shellquote-perl, libmojolicious-perl, libset-tiny-perl, libcrypt-ssleay-perl, libapache-dbi-perl (>= 0.92), liblog-dispatch-perl-perl, libcss-squish-perl, libtest-pod-perl, libdbd-mysql-perl Build-Depends-Indep: perl (>= 5.8.3) Package-List: request-tracker4 deb misc optional arch=all rt4-apache2 deb misc optional arch=all rt4-clients deb misc optional arch=all rt4-db-mysql deb misc optional arch=all rt4-db-postgresql deb misc optional arch=all rt4-db-sqlite deb misc optional arch=all rt4-doc-html deb doc optional arch=all rt4-fcgi deb misc optional arch=all rt4-standalone deb misc optional arch=all Checksums-Sha1: 49bb6084eb92f9a5686acd34e754eba8481cb7af 1316651 request-tracker4_4.2.11.orig-third-party-source.tar.gz c40063b4265a983343804f2056b22964a8ba7be9 7537515 request-tracker4_4.2.11.orig.tar.gz ecc83ceacc4b2641a50edc478202fb62d4a9f5ee 71932 request-tracker4_4.2.11-2.debian.tar.xz Checksums-Sha256: 077f930a99b97e54568da7c9fe6c3de841eaa7526edb6b11c54fa09ccf6286aa 1316651 request-tracker4_4.2.11.orig-third-party-source.tar.gz dc07f32dd04a50bd9d0ff86a1f9fe3cd1a128f01cbbd018e5fa23a41ddfb87e6 7537515 request-tracker4_4.2.11.orig.tar.gz 75d3e15a9c1d8da8be44d0ea1ef54c817cd1b4dd624940f12c9582e87bdee43d 71932 request-tracker4_4.2.11-2.debian.tar.xz Files: 309429fb5be52e2db2ef390c4e1c9535 1316651 request-tracker4_4.2.11.orig-third-party-source.tar.gz f0b02b2f97ff346ca2d57a17b136b9d0 7537515 request-tracker4_4.2.11.orig.tar.gz 8ec05a752ab6ba9a354a06593fb001f3 71932 request-tracker4_4.2.11-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVynHuAAoJEMAFfnFNaU+yM2AQAI1yyFYf4ehQJOIlZbD1dKn3 5zEEtKF3PV2ZJFItCWR0hSI6onQrk1DiEMu5B3tC63uDP17v6eILOlbZVcNwe2WW WhlCzmUtUoUVvdHpqhpKKhQQC+esddw7DiAPjJS8u30aUna3WIHDcXM4zdaIwUvA J7/8iASPbcg6E2P99zzDd/DOjTXLDSSoBlB/RwHsw80O9W0okIYMYeBnNG0GvoI+ 4iGBi3ipFRa7VQjsIhZp84PlfgPEXOKJ6UHCi3jfzRQfR87rdFhzJ1G7xRORv82b K+ep54nXx3V+nGhGgtJHx23k9vJev5ZngM5V/W9jVNi8a1U9+qoT+kZlW6e9FdVO L23SNMPfvU5dglM+OG6ppIwGm1zEmwENa5LSpocYO5w6yCXiKVco5tUj4TxgjqL7 phSldyUeybXvMD1YtjDWyNKiczbE2e7X1VYlnqFL+Xb5PQWbErKFt7OTjKsNod2X y2Vf8a4oWQzwwP0maE4qDKgqhUoPlp+b97+40ouDbacRHxST3xhquZGMTOFp750j vsP7FywlL2nX3pbuNw8xne9w4jeNiMWGEV3LIka1jN3IUrTFI+E2bdnpDykag7DW WoL383RKqHWGMDcF+eVBEGmxKYikT+pW4LI10+lnyP6w6ZXNhuo7z4zRAv8qA1n6 LU23r2kiU9pKBx7Qhllk =QasX -----END PGP SIGNATURE----- Changes: request-tracker4 (4.2.11-2) unstable; urgency=high * Apply upstream patches fixing security vulnerabilities: - cross-site scripting (XSS) attack via the user and group rights management pages (CVE-2015-5475) - cross-site scripting (XSS) attack via the cryptography interface -- Dominic Hargreaves <[email protected]> Tue, 11 Aug 2015 22:49:56 +0100
