Your message dated Sat, 24 Jun 2017 21:18:52 +
with message-id
and subject line Bug#864302: fixed in request-tracker4 4.2.8-3+deb8u2
has caused the Debian Bug report #864302,
regarding request-tracker4: FTBFS due to base.pm changes in July 2016
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
864302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: request-tracker4
Version: 4.2.8-3+deb8u1
Severity: serious
Justification: ftbfs
Tags: jessie patch
As per
http://perl.debian.net/rebuild-logs/jessie/request-tracker4_4.2.8-3+deb8u1/request-tracker4_4.2.8-3+deb8u1_amd64-2017-06-05T20:11:50Z.build
building this package was broken by the changes in perl to fix the '.'
in @INC vulnerability.
The breakage doesn't appear in the version in unstable, though it's
not immediately obvious why. There is a proposed fix in
https://anonscm.debian.org/cgit/pkg-request-tracker/request-tracker4.git/log/?h=ntyni/jessie-base-pm
Dominic.
--- End Message ---
--- Begin Message ---
Source: request-tracker4
Source-Version: 4.2.8-3+deb8u2
We believe that the bug you reported is fixed in the latest version of
request-tracker4, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dominic Hargreaves (supplier of updated request-tracker4
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 10 Jun 2017 23:25:11 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-standalone rt4-fcgi rt4-apache2
rt4-db-postgresql rt4-db-mysql rt4-db-sqlite rt4-doc-html
Architecture: all source
Version: 4.2.8-3+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Request Tracker Group
Changed-By: Dominic Hargreaves
Closes: 864302
Description:
request-tracker4 - extensible trouble-ticket tracking system
rt4-apache2 - Apache 2 specific files for request-tracker4
rt4-clients - mail gateway and command-line interface to request-tracker4
rt4-db-mysql - MySQL database backend for request-tracker4
rt4-db-postgresql - PostgreSQL database backend for request-tracker4
rt4-db-sqlite - SQLite database backend for request-tracker4
rt4-doc-html - HTML documentation for request-tracker4
rt4-fcgi - External FastCGI support for request-tracker4
rt4-standalone - Standalone web server support for request-tracker4
Changes:
request-tracker4 (4.2.8-3+deb8u2) jessie-security; urgency=high
.
* Fix FTBFS due to base.pm changes (Closes: #864302)
* Fix multiple security issues:
- [CVE-2017-5943] CSRF verification token information leak
- [CVE-2016-6127] XSS in file uploads
- [CVE-2017-5361] Timing side-channel vulnerability in password
verification
- [CVE-2017-5944] Remote code execution in dashboard interface
- Add check for incorrect RestrictLoginReferrer configuration setting
* Work around a DoS vulnerability in Email::Address (CVE-2015-7686)
Checksums-Sha1:
253920f51e42317d0da074bcc88861b74f6f8cb2 5629
request-tracker4_4.2.8-3+deb8u2.dsc
000a7de7337b4f0ab60fb5dbed451e610b4183f3 78564
request-tracker4_4.2.8-3+deb8u2.debian.tar.xz
8f366bd8c54808ce4d468efc5b31d7edec5a779e 3073664
request-tracker4_4.2.8-3+deb8u2_all.deb
be38b9ffad749fe29b843b8baa4a58b41d32b144 51986
rt4-clients_4.2.8-3+deb8u2_all.deb
64e98c4fc9af467c918f163f0732bf121f40f1a8 16706
rt4-standalone_4.2.8-3+deb8u2_all.deb
745bf82d49eec132db122ab495b10d3f4c0f67ba 19066 rt4-fcgi_4.2.8-3+deb8u2_all.deb
ec485cc6c5ad1138b321783bc243b0ba40617926 18016
rt4-apache2_4.2.8-3+deb8u2_all.deb
4241bf057937a41fb6825cb6c91b6493439c7da2 17326
rt4-db-postgresql_4.2.8-3+deb8u2_all.deb
fc27f3be4eadf0764a24a63475a684479dd572bc 17338
rt4-db-mysql_4.2.8-3+deb8u2_all.deb
9e67bc8d03f246f4d0673aa4ef1ae8c3ff246c5f 17438
rt4-db-sqlite_4.2.8-3+deb8u2_all.deb
05c7773b3494cea4655980956d1948e48916223f 982314
rt4-doc-html_4.2.8-3+deb8u2_all.deb
Checksums-Sha256: