[request-tracker-maintainers] request-tracker4_4.0.7-5+deb7u2_i386.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

[Debian FTP Masters]

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 22 May 2013 18:42:25 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-fcgi rt4-apache2 rt4-db-postgresql rt4-db-mysql rt4-db-sqlite
Architecture: source all
Version: 4.0.7-5+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers at lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <dom at earth.li>
Description: 
 request-tracker4 - extensible trouble-ticket tracking system
 rt4-apache2 - Apache 2 specific files for request-tracker4
 rt4-clients - mail gateway and command-line interface to request-tracker4
 rt4-db-mysql - MySQL database backend for request-tracker4
 rt4-db-postgresql - PostgreSQL database backend for request-tracker4
 rt4-db-sqlite - SQLite database backend for request-tracker4
 rt4-fcgi   - External FastCGI support for request-tracker4
Changes: 
 request-tracker4 (4.0.7-5+deb7u2) wheezy-security; urgency=high
 .
   * Correct dbconfig upgrade script versioning
   * Add logging fix for previous security fix patchset
 .
 request-tracker4 (4.0.7-5+deb7u1) wheezy-security; urgency=high
 .
   * Multiple security fixes for:
     - Privileged user escalation (CVE-2012-4733)
     - Semi-predictable temporary file names (CVE-2013-3368)
     - Arbitrary Mason component execution (CVE-2013-3369)
     - Direct execution of private callback components (CVE-2013-3370)
     - XSS via attachment filenames and URLs in messages (CVE-2013-3371)
     - XSS via Content-Disposition header (CVE-2013-3372)
     - MIME header injection (CVE-2013-3373)
     - Limited session reuse when using Apache::Session::File (CVE-2013-3374)
   * Include database upgrade (dbconfig-common and NEWS)
Checksums-Sha1: 
 fa051c1208df394289346ab7b949ddcc6d441e60 2140 request-tracker4_4.0.7-5+deb7u2.dsc
 a6c11cc16bc002f63225071bf7b8d7fe4f787e52 785270 request-tracker4_4.0.7.orig-third-party-source.tar.gz
 4c6ba7c3311e0fc42bb99434e91d03318c24186f 5896400 request-tracker4_4.0.7.orig.tar.gz
 13a636f9e3c0cf8a992df909a3ab16a1a1cda8a8 86403 request-tracker4_4.0.7-5+deb7u2.debian.tar.gz
 5c478674ea63bca74420222fe44c957ab65e1ab0 3957036 request-tracker4_4.0.7-5+deb7u2_all.deb
 999f624ee6e0bbd47c93f1b7bd4cf1a10914f848 47656 rt4-clients_4.0.7-5+deb7u2_all.deb
 075526280df17a9d704f5046ce809ebcdb3bd3c9 11496 rt4-fcgi_4.0.7-5+deb7u2_all.deb
 88e4c7d986308adc32b5e05d3724e129295f6763 10450 rt4-apache2_4.0.7-5+deb7u2_all.deb
 bbc5090c0d8e7188b2ef7da9bc8190de84dcb7c5 9618 rt4-db-postgresql_4.0.7-5+deb7u2_all.deb
 6b6ad4706dab10e7454c2da0e9de854a1689845f 9616 rt4-db-mysql_4.0.7-5+deb7u2_all.deb
 45c018a0f4a15495735957cab512b8829b8b7225 9708 rt4-db-sqlite_4.0.7-5+deb7u2_all.deb
Checksums-Sha256: 
 0c3ac3bf7e0039a3bece7ce2e6e7af7cfee9b500b080079a4f55155fb1a7b232 2140 request-tracker4_4.0.7-5+deb7u2.dsc
 39a4dd1cbc89a0123149449c89fc8ed0c4751edff1cf16ac93a91d88ad798c9e 785270 request-tracker4_4.0.7.orig-third-party-source.tar.gz
 3b382f05bededa478fbbd0b6bae2381b52eb7f6c11f1136e48c1c57de06d65ed 5896400 request-tracker4_4.0.7.orig.tar.gz
 9f16b8d8b25b0978c678070e94a7912e3f43656fe47ca863f8e6615056451c24 86403 request-tracker4_4.0.7-5+deb7u2.debian.tar.gz
 ee96281c6fb36d56b0830bd5d50d53159270d583e824d6db6a9057fad9863a7b 3957036 request-tracker4_4.0.7-5+deb7u2_all.deb
 99f03eb9feef2cfd31964a1b672bc95706e25a9994935b3b6c961a5b7941267e 47656 rt4-clients_4.0.7-5+deb7u2_all.deb
 af971bcce5c21be36fc83b8ea551c8505e64dd3a6ceb119fba5ceafa065bbc43 11496 rt4-fcgi_4.0.7-5+deb7u2_all.deb
 76f71e9f1c00d1e4edaead6b5c3e99a56ebd78917d39e6f422b8b35682f81cf3 10450 rt4-apache2_4.0.7-5+deb7u2_all.deb
 6ef5e8f8095c75e037efe161b64fd6adcd1a663be8572b4dff4c9dba0a354c32 9618 rt4-db-postgresql_4.0.7-5+deb7u2_all.deb
 69bd6d95ccb85cbd4f6ab04e1885350196c900778f764a873270d9931f7a183d 9616 rt4-db-mysql_4.0.7-5+deb7u2_all.deb
 b35a2ee1d26e588a2bc0202343a98e131c0bc0c6376404292fbee9eeefcbff0a 9708 rt4-db-sqlite_4.0.7-5+deb7u2_all.deb
Files: 
 22bf4386a3ce9c76c3a896ecd8347ce0 2140 misc optional request-tracker4_4.0.7-5+deb7u2.dsc
 8ada3c6dab42e62aff4480b65165e87a 785270 misc optional request-tracker4_4.0.7.orig-third-party-source.tar.gz
 9536589c5403f1c18c1545a432d541d3 5896400 misc optional request-tracker4_4.0.7.orig.tar.gz
 cf578ebbb68673b5d090dd484cee54d5 86403 misc optional request-tracker4_4.0.7-5+deb7u2.debian.tar.gz
 ae516f1eab8b2380457ff44250555180 3957036 misc optional request-tracker4_4.0.7-5+deb7u2_all.deb
 0adb69e076ddf7c8e50eac5691a52c4b 47656 misc optional rt4-clients_4.0.7-5+deb7u2_all.deb
 132c235ad8867ee3191fca212a08305f 11496 misc optional rt4-fcgi_4.0.7-5+deb7u2_all.deb
 0961226245d8f86ac2d0ebb6d96ee05f 10450 misc optional rt4-apache2_4.0.7-5+deb7u2_all.deb
 e84ea45253fc8c9e4b0a67b9d33dfd30 9618 misc optional rt4-db-postgresql_4.0.7-5+deb7u2_all.deb
 9ce8560591b36542ce8b03aa01bdd737 9616 misc optional rt4-db-mysql_4.0.7-5+deb7u2_all.deb
 51ecba8ea107aaea0bf7340958875ed2 9708 misc optional rt4-db-sqlite_4.0.7-5+deb7u2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRnQVhYzuFKFF44qURAi3PAJ9W6qVI1ZwhfHJpnNcZ2ShgWU0axQCfbp2a
3YzA26inZoOyyLzJqDKqQhc=
=gAO5
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.