[Git][security-tracker-team/security-tracker][master] Reserve DSA number for request-tracker5 update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 6 15:41:39 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
01a3e0e7 by Salvatore Bonaccorso at 2026-06-06T16:41:09+02:00
Reserve DSA number for request-tracker5 update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -12072,6 +12072,7 @@ CVE-2026-44229
NOTE: Fixed by: https://github.com/bestpractical/rt/commit/ecdb229b38206888401655974d0aec153640eb59 (rt-5.0.10)
CVE-2026-44230
- request-tracker5 5.0.10+dfsg-1
+ [trixie] - request-tracker5 5.0.7+dfsg-4+deb13u3
[bookworm] - request-tracker5 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
NOTE: Introduced with: https://github.com/bestpractical/rt/commit/1db06229c5839a158f2365c436d9aa325d6ea459 (rt-5.0.4beta1)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[06 Jun 2026] DSA-6324-1 request-tracker5 - security update
+ {CVE-2026-6841 CVE-2026-41073 CVE-2026-41075 CVE-2026-41076 CVE-2026-44229 CVE-2026-44231}
+ [bookworm] - request-tracker5 5.0.3+dfsg-3~deb12u6
+ [trixie] - request-tracker5 5.0.7+dfsg-4+deb13u3
[06 Jun 2026] DSA-6323-1 apache2 - security update
{CVE-2026-49975}
[bookworm] - apache2 2.4.67-1~deb12u3
=====================================
data/dsa-needed.txt
=====================================
@@ -96,9 +96,6 @@ python-aiohttp/oldstable
request-tracker4 (carnil)
Maintainer working on updates
--
-request-tracker5 (carnil)
- Maintainer submitted debdiff for review
---
rtpengine
Victor Seva prepared a debdiff for trixie-security for review, bookworm-security debdiff missing
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01a3e0e755e2b25075dc43cce960a6423a4bb324
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01a3e0e755e2b25075dc43cce960a6423a4bb324
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260606/041c0d4f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list