-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 23 Oct 2025 11:48:52 +1300
Source: request-tracker5
Binary: request-tracker5 rt5-apache2 rt5-clients rt5-db-mysql rt5-db-postgresql rt5-db-sqlite rt5-doc-html rt5-fcgi rt5-standalone
Architecture: source all
Version: 5.0.7+dfsg-5
Distribution: unstable
Urgency: high
Maintainer: Andrew Ruthven <andrew@etc.gen.nz>
Changed-By: Andrew Ruthven <andrew@etc.gen.nz>
Description:
request-tracker5 - extensible trouble-ticket tracking system
rt5-apache2 - Apache 2 specific files for request-tracker5
rt5-clients - mail gateway and command-line interface to request-tracker5
rt5-db-mysql - MySQL database backend for request-tracker5
rt5-db-postgresql - PostgreSQL database backend for request-tracker5
rt5-db-sqlite - SQLite database backend for request-tracker5
rt5-doc-html - HTML documentation for request-tracker5
rt5-fcgi - External FastCGI support for request-tracker5
rt5-standalone - Standalone web server support for request-tracker5
Changes:
request-tracker5 (5.0.7+dfsg-5) unstable; urgency=high
.
* Apply upstream patch which fixes several security vulnerabilities:
- [CVE-2025-61873] Fix CSV injection via ticket values with special
characters that are exported to a TSV from search results.
- [CVE-2025-9158] Fix XSS via calendar invitations added to a ticket.
* Cut down on the upstream tests we run with autopkgtest as the full set
takes a long time to run and time out on the slower test boxes.
Checksums-Sha1:
31e3a395b222a8f5f449d37b7a557ec9f7d4d873 6012 request-tracker5_5.0.7+dfsg-5.dsc
d1add9d720c011586fba979db4120ab49b94be4a 132120 request-tracker5_5.0.7+dfsg-5.debian.tar.xz
84007595382717090e431a52d0fd838b97273ded 12953812 request-tracker5_5.0.7+dfsg-5_all.deb
a427790d2f11133475c24e2e847aa9072c7b474c 24500 request-tracker5_5.0.7+dfsg-5_amd64.buildinfo
260f22768e4a4b7f5540ee0fd7b4efc33c54d8bb 20488 rt5-apache2_5.0.7+dfsg-5_all.deb
a47d1115aadc261032946c12b14569f3e374c935 50868 rt5-clients_5.0.7+dfsg-5_all.deb
b77f7ddab7a06ed8d6e7d024cbd4e00f5683bff9 19820 rt5-db-mysql_5.0.7+dfsg-5_all.deb
dd39f2941adfb877ade380836b34ad944c2c53ee 19812 rt5-db-postgresql_5.0.7+dfsg-5_all.deb
63e7db574caf7dd76a912658ec35adbc5be2900d 19920 rt5-db-sqlite_5.0.7+dfsg-5_all.deb
ae663b7b560d759224d8237ad858d9f1dec5020c 5288928 rt5-doc-html_5.0.7+dfsg-5_all.deb
db8efe88c066f01a725e9652c3fafbda97c52e4d 22660 rt5-fcgi_5.0.7+dfsg-5_all.deb
7768902f13a7afe44fb071210792d8ad85513b2f 19288 rt5-standalone_5.0.7+dfsg-5_all.deb
Checksums-Sha256:
88954ece9730ba6f4f81274a3b82ccbcd21c059c7b66971430c514000ba9f179 6012 request-tracker5_5.0.7+dfsg-5.dsc
88738c8f4e6f39ac57e38adc997f0ee31a2be600802898b6f5d269040bd42366 132120 request-tracker5_5.0.7+dfsg-5.debian.tar.xz
2acb2f548ee127a82a5c8bd33443507737573bf7bc4097df427882a432851e0a 12953812 request-tracker5_5.0.7+dfsg-5_all.deb
168f87bdc7a39fec715f2f808c2ead1eb88b1105b8bf9d9b9c0a6f863f9a4f7e 24500 request-tracker5_5.0.7+dfsg-5_amd64.buildinfo
b3a10830fc3f6934e91549daa0ae47ccd398a6123a869d0afc52837c2038a100 20488 rt5-apache2_5.0.7+dfsg-5_all.deb
e463bffb5afe1b091d72a9f35b2c37df5ce97531d2dbf4ef1cd3a89d7130794d 50868 rt5-clients_5.0.7+dfsg-5_all.deb
aed72ccbb89fa3b8846e3ff54ed91fc3c92dd4134df70810384ae1ee133267a3 19820 rt5-db-mysql_5.0.7+dfsg-5_all.deb
c31ec6f80b14f1882f5b27877bd1cadce29a0389b0c628b0eae967dd83686d9b 19812 rt5-db-postgresql_5.0.7+dfsg-5_all.deb
b9221c6ad7dac478ea107e158a364388d365ecef9659c572295abd50e5818406 19920 rt5-db-sqlite_5.0.7+dfsg-5_all.deb
696703c6763889249032af32e5e814f7e5e9bdadecf4cd9d7443966bc63a5622 5288928 rt5-doc-html_5.0.7+dfsg-5_all.deb
ec9efd6b366a2d8ba4327e12f56aca51b40f7cd9d4286b16a13947438f797214 22660 rt5-fcgi_5.0.7+dfsg-5_all.deb
63b8e1ea1e3f8f8662a0b43cf3db40305a0f05a62ebe9a42fccd12f11d32145c 19288 rt5-standalone_5.0.7+dfsg-5_all.deb
Files:
e28aa60197c12d2cdd3b4a81abd77d30 6012 misc optional request-tracker5_5.0.7+dfsg-5.dsc
46641f26aafafcc29a539641cdce0541 132120 misc optional request-tracker5_5.0.7+dfsg-5.debian.tar.xz
8bc42ec02c408f74d3191eae9fe8f286 12953812 misc optional request-tracker5_5.0.7+dfsg-5_all.deb
3cb08d3ae8abe30175c84c321b5b8f58 24500 misc optional request-tracker5_5.0.7+dfsg-5_amd64.buildinfo
d40eb9c566ad0f7a83e0d3ad1052cea5 20488 misc optional rt5-apache2_5.0.7+dfsg-5_all.deb
5e7161f1f00e2a743876462e6d6e3282 50868 misc optional rt5-clients_5.0.7+dfsg-5_all.deb
57346cf7bc61e2556db45a0b62c0621a 19820 misc optional rt5-db-mysql_5.0.7+dfsg-5_all.deb
ac6d347a9d4bd94f347fad8971747400 19812 misc optional rt5-db-postgresql_5.0.7+dfsg-5_all.deb
023534b9d53edae2930a5bae40e74625 19920 misc optional rt5-db-sqlite_5.0.7+dfsg-5_all.deb
0c003a47fe8ae92bc78851c99836cf57 5288928 doc optional rt5-doc-html_5.0.7+dfsg-5_all.deb
bb0c9b26a754cc32d301ed2f75e59b16 22660 misc optional rt5-fcgi_5.0.7+dfsg-5_all.deb
9946b91bb0db109afd59f7445d3bda8e 19288 misc optional rt5-standalone_5.0.7+dfsg-5_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmj6D5gACgkQS1PZMeTT
6GMP5xAAgn0XyOSWA92A0xeRi51Nqf0vu7E91bFUxJzfjpAyGSkI80A6V6rAV7h8
B9bIybx+FnImukvq1RBbyvt7I5qKlUkj+Fsp6po7WbbWvIO9csu3w0v4G0UU0a1Q
FuiZt79pkRhEKK7bt2QVHQt+bYrjGYbDrKWqrE4faiyb3hky5tG8QApcGuvKwChi
FlIBY2ddE+GfRfjxfgaa7+GkLSo6p255/q/276cCGsBdwK2ioR23KNlwR4pxznjg
Zb/urDL6ClC1WagU9mDk1u6DsoGU3tuWYAgVJHj+G6fLFkwJeAaRxWQm9evGf4yQ
7Xlri4MvVK+AobHF7ICAgyE9tjIN9MKW/ezXh04jQNRc6Or0ETst9YZ77Rnxu5qm
c75xB8g2DFQRmGS9dUwfwi/TsquKm15OWAAq6HyOIRKY9A0JAtuw8RtzHM2pJPPJ
ioXLoW/8QpagbCc+uJAiMTgpEbC+/T9QIud91i8cr1j0nBU5vD4dGAKsoWtiOMBQ
KvlbEfogH/GjO/3OET4nzm3VQblQWFgiOR2wpYol3r7hNZyTFXfu1saC85kGHBRp
1ec9Aszo6mwE73PUY9dr3ZYsBtzpIIDZUWWhDq46ZMfJjoTqO1hOW4lGf+grXujZ
Q9HBWZT3dB/BgFempZDJXrqzPC8jnF20re5tMw0CpL2hnw0sT7U=
=qwM3
-----END PGP SIGNATURE-----
