[ubuntu/noble-proposed] request-tracker4 4.4.7+dfsg-1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Feb 8 12:38:24 UTC 2024
request-tracker4 (4.4.7+dfsg-1) unstable; urgency=high
* New upstream release (Closes: #986707, #1054516).
- [CVE-2023-41259] Vulnerablility to unvalidated email headers in
incoming email and the mail-gateway REST interface.
- [CVE-2023-41260] Information leakage via response messages returned
from requests sent via the mail-gateway REST interface.
* Drop patches no longer needed:
- Update-tests-for-EN-datetime-locale-change-to-space.diff
- fix_expired_certs.dif
* Drop patches merged upstream:
- fcgi_client_sigpipe.diff
- libdatetime-format-natural-perl-v0.14.diff
* Set Multi-Arch: foreign for rt4-doc-html .
* Drop patch no_testdeps.diff now that we skip the Mozilla::CA check.
* Add autopkgtests.
* Include ::1 ACL for nginx config.
Date: 2023-10-29 16:35:11.012790+00:00
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/request-tracker4/4.4.7+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list