[From nobody Tue May 26 11:17:09 2026 Received: (at submit) by bugs.debian.org; 29 Jul 2023 19:31:39 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02 (2021-04-09) on buxtehude.debian.org X-Spam-Level: X-Spam-Status: No, score=-110.2 required=4.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FROMDEVELOPER, PGPSIGNATURE,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE, UNPARSEABLE_RELAY,USER_IN_DKIM_WELCOMELIST,USER_IN_DKIM_WHITELIST autolearn=ham autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 12; hammy, 119; neutral, 21; spammy, 0. spammytokens: hammytokens:0.000-+--Hx-spam-relays-external:sk:stravin, 0.000-+--H*RT:sk:stravin, 0.000-+--Hx-spam-relays-external:311, 0.000-+--H*RT:108, 0.000-+--H*RT:311 Return-path: <rouca@debian.org> Received: from stravinsky.debian.org ([2001:41b8:202:deb::311:108]:36784) from C=NA, ST=NA, L=Ankh Morpork, O=Debian SMTP, OU=Debian SMTP CA, CN=stravinsky.debian.org, EMAIL=hostmaster@stravinsky.debian.org (verified) by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.94.2) (envelope-from <rouca@debian.org>) id 1qPpfA-00EbTY-7B for submit@bugs.debian.org; Sat, 29 Jul 2023 19:31:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.stravinsky; h=X-Debian-User:Content-Type:MIME-Version:Message-ID: Date:Subject:To:From:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:In-Reply-To:References; bh=TzgsB9wClVkGZPp5mJ8Y9YH6Rk+9oGKcfd/dpOOnH/Q=; b=hOPSnVMsbh+i+IXLleo5DH25qg ows11cjbPvNOxdWu1wL4QlopPk4YphelUPMoDYNSakcOnekHXWFNoOlw5kRwedrzIlztoy/FoN3c2 2itZLOjsbYyo7a7kFcqyC9nrk33+U2w6hhV5dOKG6S2DTmYH07sGsST6aBDpGutKcUN3kXURt9U54 PaU3p8e3OyGwkOm97dUTiMe3cgHWBrddYig+QedXctA1Hz1LhyRQxruvgr9lO6BioHJLMRTlScI4m D3iKdgMyqohlVoHnhAIY89HJOByI6du1t81uYLbVh19Q1a/rbH+dcc6r5HXZ+jIGTnFov7sLnMiw1 dd1hYSMw==; Received: from authenticated user by stravinsky.debian.org with esmtpsa (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.94.2) (envelope-from <rouca@debian.org>) id 1qPpf7-00AWie-8C; Sat, 29 Jul 2023 19:31:37 +0000 From: Bastien =?ISO-8859-1?Q?Roucari=E8s?= <rouca@debian.org> To: Debian Bug Tracking System <submit@bugs.debian.org> Subject: request-tracker5: Include ckeditor minimified Date: Sat, 29 Jul 2023 19:31:33 +0000 Message-ID: <11996645.jKvQB3XHOm@portable-bastien> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart4401012.UgXpCQ8di8"; micalg="pgp-sha512"; protocol="application/pgp-signature" X-Debian-User: rouca Delivered-To: submit@bugs.debian.org --nextPart4401012.UgXpCQ8di8 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Bastien =?ISO-8859-1?Q?Roucari=E8s?= <rouca@debian.org> To: Debian Bug Tracking System <submit@bugs.debian.org> Subject: request-tracker5: Include ckeditor minimified Date: Sat, 29 Jul 2023 19:31:16 +0000 Message-ID: <11996645.jKvQB3XHOm@portable-bastien> MIME-Version: 1.0 Source: request-tracker5 Severity: serious Tags: ftbfs Justification: FTBFS Control: tags -1 + security Dear Maintainer, https://sources.debian.org/src/request- tracker5/5.0.3+dfsg-3/share/static/RichText/ include ckeditor outdated (with CVE) and moreover minified Could you use the packaged ckeditor. Note also that I am going to package ckeditor5 (ckeditor 4 is EOL) Bastien --nextPart4401012.UgXpCQ8di8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmTFaQUACgkQADoaLapB CF8SbBAAkrorMG4JsKL1kaXCQmT0nmxekgrd4Tfi2PCzlbqLJ7JO4WBA4dWQvpcZ ZwHtAfjRrtAaErtjZwMkdKprKNGn9QrpCoI1X+JGv/Q6oosSxkzOMDg1a3ql+Jj0 vSui2oKBFRfEDXqScpXCVwjtfHmePraWVTB7XdPQIqUcc+myEGb2WYffDlGEt4aW 7KlXAh3Ii/wL7+I9BRMzHwQfXuYdnDmZ7qf3xF8n8oo2IyuF3TQ6xRLYrLdWVbR4 256JbimCDUA6bka8xOif69H6OOR4tLSzQnypUaLiMf4ebyBJbUaDlDuUKHLvQ9EF em1qrhXd/HCR1GwRHmkd3aiEUtfIkfEAHygt81Tu7H3b6c6X9ijaBvOn+UYjW/jk ZcuTP1ipxJZLuRI4AHL84NO7Q1TbfPLwZVcLpxYy/Ch2/gZ4pgSIciLRiPj90DNL dsQWVRqDQJWiLZtBf4Z2h687YwfLCNqQe7sSv5qgUVQiNFSmKE9mYMfIC6tpjx/a u4z6arvE1ygPL+1qAcSDXM17M7XmOihnLwpqWRQI0QANshxOAF91LEuNePINfiop lmZRQxcbf0NxbegyRl8B0kLVaashMVIk45bzo1jzktR1EnKo5PjIB1zVpPgYVChf 8AthEf6dECDIt04ulijFteU3K7SU7nlXjY0IM5TeddG4yYjvoOQ= =uyBa -----END PGP SIGNATURE----- --nextPart4401012.UgXpCQ8di8-- ]