-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 20 Oct 2012 14:30:48 +0100 Source: request-tracker3.8 Binary: request-tracker3.8 rt3.8-clients rt3.8-apache2 rt3.8-db-postgresql rt3.8-db-mysql rt3.8-db-sqlite Architecture: source all Version: 3.8.8-7+squeeze6 Distribution: stable-security Urgency: low Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintainers@lists.alioth.debian.org> Changed-By: Dominic Hargreaves <dom@earth.li> Description: request-tracker3.8 - extensible trouble-ticket tracking system rt3.8-apache2 - Apache 2 specific files for request-tracker3.8 rt3.8-clients - mail gateway and command-line interface to request-tracker3.8 rt3.8-db-mysql - MySQL database backend for request-tracker3.8 rt3.8-db-postgresql - PostgreSQL database backend for request-tracker3.8 rt3.8-db-sqlite - SQLite database backend for request-tracker3.8 Changes: request-tracker3.8 (3.8.8-7+squeeze6) stable-security; urgency=low . * Multiple security fixes for: - Email header injection attack (CVE-2012-4730) - CSRF protection allows attack on bookmarks (CVE-2012-4732) - Confused deputy attack for non-logged-in users (CVE-2012-4734) - Multiple message signing/encryption attacks related to GnuPG (CVE-2012-4735) - Arbitrary command-line argument injection to GnuPG (CVE-2012-4884) Checksums-Sha1: c12d024dadc7f4a098b05783840e582c963c2e0b 1635 request-tracker3.8_3.8.8-7+squeeze6.dsc 684536c9af0f0ce9f4e8c8ef9661d08e434b7b41 124022 request-tracker3.8_3.8.8-7+squeeze6.diff.gz 12772cc509b567d6479f7c5a7585c7804070d8df 4669160 request-tracker3.8_3.8.8-7+squeeze6_all.deb e396e5a8410831110e82bbf53ba3c53dad51f349 47948 rt3.8-clients_3.8.8-7+squeeze6_all.deb b4685577ed28d7f981fb9a02c2941864aaf079b8 13146 rt3.8-apache2_3.8.8-7+squeeze6_all.deb 01382e3ab7283861e0b62c2b322dbc5f23d7b164 11816 rt3.8-db-postgresql_3.8.8-7+squeeze6_all.deb 78159802d085de2dc04e420ccf1f8f9611c0b838 11816 rt3.8-db-mysql_3.8.8-7+squeeze6_all.deb 583d823ff86d47b9e69b32c3edb0da0df665b86f 11914 rt3.8-db-sqlite_3.8.8-7+squeeze6_all.deb Checksums-Sha256: 16874ff795d4feda899f8170958cb5699121e5a932a98e64ce539842649689ee 1635 request-tracker3.8_3.8.8-7+squeeze6.dsc dfa00c6bbe965272702ee35708faf12f3a66f4090033fd504f4e71ef3f073b53 124022 request-tracker3.8_3.8.8-7+squeeze6.diff.gz 53bb54cfd91ec9eb94ec2c81551c15900d56d9c326443de81e2ad39a6d7aeae9 4669160 request-tracker3.8_3.8.8-7+squeeze6_all.deb ab61f8332b9dd4e025ae7cbc44815e9c9324f69f726c3c2687f20c74c9804c44 47948 rt3.8-clients_3.8.8-7+squeeze6_all.deb cf43d89a199448c99ebed785d6972b7b6cb2ac8a1868bfbbca48fcfb0c690f02 13146 rt3.8-apache2_3.8.8-7+squeeze6_all.deb 398a8f9459590ec1c743f2900fc37f72c419c040ad68dff5eb85a152a71a4ca5 11816 rt3.8-db-postgresql_3.8.8-7+squeeze6_all.deb 8d869dc41f917a554209a2170f8fe75b3b7d21932f9e1016a5074e6c938d1cea 11816 rt3.8-db-mysql_3.8.8-7+squeeze6_all.deb dacfd4f00280d1798254e85280b9f65e02793cfdba6d9b1f884a5504cce77535 11914 rt3.8-db-sqlite_3.8.8-7+squeeze6_all.deb Files: 1e41c43618faa72eddaf0f8e6cc4f4ff 1635 misc optional request-tracker3.8_3.8.8-7+squeeze6.dsc 24880809a8f612667daa743edfe7b0d8 124022 misc optional request-tracker3.8_3.8.8-7+squeeze6.diff.gz 07565a10f394aac282f5183524e004d4 4669160 misc optional request-tracker3.8_3.8.8-7+squeeze6_all.deb e7bd3b9bf1e3d2c77fe8f9604af6d667 47948 misc optional rt3.8-clients_3.8.8-7+squeeze6_all.deb a3cd1b446514b35d6a0285f9d4a0d018 13146 misc optional rt3.8-apache2_3.8.8-7+squeeze6_all.deb 0371a0aa63431879b937744736489543 11816 misc optional rt3.8-db-postgresql_3.8.8-7+squeeze6_all.deb 5130dd197413dc6566c810ffeac0f9f1 11816 misc optional rt3.8-db-mysql_3.8.8-7+squeeze6_all.deb ae142c45325f32679c4b2bc0692859b1 11914 misc optional rt3.8-db-sqlite_3.8.8-7+squeeze6_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFQgqlsYzuFKFF44qURAoAqAKD3LFCXzoYfqBI6G05TVpJkP6fMKQCglfd/ wT0Jd3E5CSSYCG0TSo4fxEo= =jNmL -----END PGP SIGNATURE-----