-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 29 Oct 2023 22:36:22 +1300 Source: request-tracker4 Architecture: source Version: 4.4.7+dfsg-1 Distribution: unstable Urgency: high Maintainer: Andrew Ruthven <andrew@etc.gen.nz> Changed-By: Andrew Ruthven <andrew@etc.gen.nz> Closes: 986707 1054516 Changes: request-tracker4 (4.4.7+dfsg-1) unstable; urgency=high . * New upstream release (Closes: #986707, #1054516). - [CVE-2023-41259] Vulnerablility to unvalidated email headers in incoming email and the mail-gateway REST interface. - [CVE-2023-41260] Information leakage via response messages returned from requests sent via the mail-gateway REST interface. * Drop patches no longer needed: - Update-tests-for-EN-datetime-locale-change-to-space.diff - fix_expired_certs.dif * Drop patches merged upstream: - fcgi_client_sigpipe.diff - libdatetime-format-natural-perl-v0.14.diff * Set Multi-Arch: foreign for rt4-doc-html . * Drop patch no_testdeps.diff now that we skip the Mozilla::CA check. * Add autopkgtests. * Include ::1 ACL for nginx config. Checksums-Sha1: 6bf86418e279988e681ee02e611221963d22c6b8 6021 request-tracker4_4.4.7+dfsg-1.dsc 53877c94b718212021f8c96c69d9109b9c6103e1 3175338 request-tracker4_4.4.7+dfsg.orig-third-party-source.tar.gz ed947571bb6ea722a151e8f74db6801566603621 10858315 request-tracker4_4.4.7+dfsg.orig.tar.gz 88c92f3a06bddf86e589a782fff2bc0e898a69ea 488 request-tracker4_4.4.7+dfsg.orig.tar.gz.asc 92ed202ec6c456ec5450144c14180f9cb7f28fc5 86404 request-tracker4_4.4.7+dfsg-1.debian.tar.xz 181b3a31db835c5cbd7c6b459f826c9460740d49 20575 request-tracker4_4.4.7+dfsg-1_amd64.buildinfo Checksums-Sha256: 8e8a7d3ef7ae5ad2b5b89a8dafbd4282f5dbfb70f691aa771d13965f410156dd 6021 request-tracker4_4.4.7+dfsg-1.dsc a87382d806081c4dcd2e662fd9afbf3d7bed93ea945d656c3263d0b7bd35f7de 3175338 request-tracker4_4.4.7+dfsg.orig-third-party-source.tar.gz 47af1651d5df3f25b6374ff6c1da71c66202d61919d9431c17259fa3df69ae59 10858315 request-tracker4_4.4.7+dfsg.orig.tar.gz 01a7707d44c60ce8faece9fe6cb6411c87578137c7e88da7a87c9f29620b5795 488 request-tracker4_4.4.7+dfsg.orig.tar.gz.asc af03c83f960f41803efdb089310318e8f6edd3dc9747f6614d57383877470d0d 86404 request-tracker4_4.4.7+dfsg-1.debian.tar.xz 12ab1544abd0fcf60fa9621c894b3671916ccf92eccc813b82b1701c4587f39e 20575 request-tracker4_4.4.7+dfsg-1_amd64.buildinfo Files: 3856d6c67579fa231f791af245478e34 6021 misc optional request-tracker4_4.4.7+dfsg-1.dsc 6b91ff4b088a1054063621340d094db0 3175338 misc optional request-tracker4_4.4.7+dfsg.orig-third-party-source.tar.gz 5490c21a3841f8e53ccd30e7eaf482cd 10858315 misc optional request-tracker4_4.4.7+dfsg.orig.tar.gz e98ab199bb7092d732632f0660b3947d 488 misc optional request-tracker4_4.4.7+dfsg.orig.tar.gz.asc c8fb7efc1b58aba69d890fda17da7198 86404 misc optional request-tracker4_4.4.7+dfsg-1.debian.tar.xz 82828a62cab4c790a21954dc67ee43ab 20575 misc optional request-tracker4_4.4.7+dfsg-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmU+KtYACgkQS1PZMeTT 6GNffQ/+PBJ37k5Lw/kTvqmk5U/vwvbSukVIMl1+5o+YBuFnmKiiSpvSzfSrQjZ7 WlDHv/JYumVqjW6k8EygoSiMGmbYpCCe2YyQ2GUM6jYMLLPvHhhiVk7uCTn8lzQQ 23lypzau+NOxKWZE2CBRRv17PUavHwKxnMu9hMWxhhy938BycfKTpKoOMfFsmjrh TDPZPZLtKysCid0LOj9dvTEnm4GI9+Ey+THgiD9nx90w0IX7QsKpBMj4zm0p3rML rzmvKNkKM0MQ7qnwIAF2uO++xzjgtD06Z5u0dQdHa1Mb4KPgE48qY/OThNpOte/H +LyHDQwnv5aGUOPCuCkapTTocSpwjW949Sj41bQ5dsa1joSyXL6/kIqvJ6phsD/8 9cQt+267CggI7S7K5M8xZvky2QyrcsvdggT49Ya87afz7luROjRQ3U/QDjRl60Kp Qw3NyuWPCr41n8+MleHeXxAYkXy2lDICS116KXXCcQNYHj7S/s6vJCkjyNU1EBjW dCDejm4eFEk38Gmq+Mwu2dl/pbZGXe6Il4lCaefxFLajLslpvOJmOwVNvfKbvad6 PaAoETJ/U812YjiOJzEmaEdvZOuWMZQy6L30dcTfECGc+GBNdFCE2wQOJCwzynyg ZN/Xqns9JsxaTYRTqt6BRczAoB0coZmOVyagex+kcKYb7TPSKGM= =XAUi -----END PGP SIGNATURE-----
