-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3057-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 23, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : request-tracker4 Version : 4.4.1-3+deb9u4 CVE ID : CVE-2021-38562 Debian Bug : #995175 It was discovered that there was an issue in request-tracker4, a extensible ticket/issue tracking system. Sensitive information could have been revealed by way of a timing attack on the authentication system. For Debian 9 "Stretch", this problem has been fixed in version 4.4.1-3+deb9u4. We recommend that you upgrade your request-tracker4 packages. For the detailed security status of request-tracker4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/request-tracker4 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmK0GKUACgkQHpU+J9Qx HlhjpRAApVpaKCROWd4npxAMtHulSc8E+0dgwQ6rugBPFhnDQwEnxa+0ub1SDhHu s48JRKBxPF4CxD4SnrMOGDeybe6udS/r0GJa2gDxD8Rj2Nep5T/vqRL8zUrhgxAn N8Bjchc2BnxdAuwNlwh0a92PsDaPsl1p6u5LEPQEmez/G61kL4YPxznfqGBOET5h 8x6bXSPDJydQdNhXKrN8S1mLIsn2TP0QddddEiT9SX0oKG51sf704GB+5pDn9zHT Q+Vxgh5K0YVMMezz8wL4NENOqjy5xbJy41QW3YLNagkQjdA+pA4r7JBPKUSCElll 0ahF/bbryFfx/oM+zWIQY/JqniCU5fMfdOXOYmvDz45DZcpcvlH2My/uKHKEjbFn 3iiiGtSDHGRABtY7M9yTmlwUd2dvdCPtUgO0pssDnqL7qzvKwfmi557z0v1F3re+ 7I0GJEBx7X2vXlT9P+AcK6dDV5W30jT1remMPXTV0S+GJnw186EFboX7QoRg1Ecr BsjFmYE8/AyvIA7deqloZivu6p4oCj0znCsC968dknXfLMIwsn5Oj25keT4rJqQZ N7J4eYI2b0L5VHHT44hREHk/K0Zy2tmTGQx5tYNfwUsp4fsbAgI/4uPWoJhit5vs 6XpKkHVrwxh8MpQR546mO6wvybs1a4j8h9aNhdCtpJCdVJsO2GU= =5Djv -----END PGP SIGNATURE-----
