Your message dated Tue, 26 May 2026 10:14:14 +0000 with message-id <[email protected]> and subject line Bug#1134418: Removed package(s) from unstable has caused the Debian Bug report #615890, regarding rt-mailgate(1) should support some HTTP authentication to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 615890: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615890 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: rt3.8-clients Version: 3.8.8-7 Severity: wishlist The current version of rt-mailgate(1) relies on a specific “backdoor” to access the REST interface of RT, like: <Location /rt/REST/1.0/NoAuth> Order allow,deny Allow from ::1 127.0.0.0/8 Satisfy any </Location> However, this configuration is insecure in at least two situations: • the RT installation is on a different host, so that the IP address may be spoofed; • the host is used for Shell accounts of some less trusted folks. OTOH, given that the HTTP basic authentication is only a matter of calling the LWP::UserAgent's ->credentials () method (as per the documentation [1]), it doesn't seem like a big deal to have it supported. [1] http://search.cpan.org/~gaas/libwww-perl-5.837/lib/LWP/UserAgent.pm -- FSF associate member #7257
pgpVMuJ3LmF1O.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---Version: 4.4.7+dfsg-4+rm Dear submitter, as the package request-tracker4 has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1134418 The version of this package that was in Debian prior to this removal can still be found using https://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)
--- End Message ---
