subject:"Bug#864302\: marked as done \(request\-tracker4\: FTBFS due to base.pm changes in July 2016\)"

Bug#864302: marked as done (request-tracker4: FTBFS due to base.pm changes in July 2016)

2017-06-24 Thread Debian Bug Tracking System

Your message dated Sat, 24 Jun 2017 21:18:52 +
with message-id 
and subject line Bug#864302: fixed in request-tracker4 4.2.8-3+deb8u2
has caused the Debian Bug report #864302,
regarding request-tracker4: FTBFS due to base.pm changes in July 2016
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: request-tracker4
Version: 4.2.8-3+deb8u1
Severity: serious
Justification: ftbfs
Tags: jessie patch

As per

http://perl.debian.net/rebuild-logs/jessie/request-tracker4_4.2.8-3+deb8u1/request-tracker4_4.2.8-3+deb8u1_amd64-2017-06-05T20:11:50Z.build

building this package was broken by the changes in perl to fix the '.'
in @INC vulnerability.

The breakage doesn't appear in the version in unstable, though it's
not immediately obvious why. There is a proposed fix in

https://anonscm.debian.org/cgit/pkg-request-tracker/request-tracker4.git/log/?h=ntyni/jessie-base-pm

Dominic.
--- End Message ---
--- Begin Message ---
Source: request-tracker4
Source-Version: 4.2.8-3+deb8u2

We believe that the bug you reported is fixed in the latest version of
request-tracker4, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dominic Hargreaves  (supplier of updated request-tracker4 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 10 Jun 2017 23:25:11 +0100
Source: request-tracker4
Binary: request-tracker4 rt4-clients rt4-standalone rt4-fcgi rt4-apache2 
rt4-db-postgresql rt4-db-mysql rt4-db-sqlite rt4-doc-html
Architecture: all source
Version: 4.2.8-3+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Request Tracker Group 

Changed-By: Dominic Hargreaves 
Closes: 864302
Description: 
 request-tracker4 - extensible trouble-ticket tracking system
 rt4-apache2 - Apache 2 specific files for request-tracker4
 rt4-clients - mail gateway and command-line interface to request-tracker4
 rt4-db-mysql - MySQL database backend for request-tracker4
 rt4-db-postgresql - PostgreSQL database backend for request-tracker4
 rt4-db-sqlite - SQLite database backend for request-tracker4
 rt4-doc-html - HTML documentation for request-tracker4
 rt4-fcgi   - External FastCGI support for request-tracker4
 rt4-standalone - Standalone web server support for request-tracker4
Changes:
 request-tracker4 (4.2.8-3+deb8u2) jessie-security; urgency=high
 .
   * Fix FTBFS due to base.pm changes (Closes: #864302)
   * Fix multiple security issues:
 - [CVE-2017-5943] CSRF verification token information leak
 - [CVE-2016-6127] XSS in file uploads
 - [CVE-2017-5361] Timing side-channel vulnerability in password
   verification
 - [CVE-2017-5944] Remote code execution in dashboard interface
 - Add check for incorrect RestrictLoginReferrer configuration setting
   * Work around a DoS vulnerability in Email::Address (CVE-2015-7686)
Checksums-Sha1: 
 253920f51e42317d0da074bcc88861b74f6f8cb2 5629 
request-tracker4_4.2.8-3+deb8u2.dsc
 000a7de7337b4f0ab60fb5dbed451e610b4183f3 78564 
request-tracker4_4.2.8-3+deb8u2.debian.tar.xz
 8f366bd8c54808ce4d468efc5b31d7edec5a779e 3073664 
request-tracker4_4.2.8-3+deb8u2_all.deb
 be38b9ffad749fe29b843b8baa4a58b41d32b144 51986 
rt4-clients_4.2.8-3+deb8u2_all.deb
 64e98c4fc9af467c918f163f0732bf121f40f1a8 16706 
rt4-standalone_4.2.8-3+deb8u2_all.deb
 745bf82d49eec132db122ab495b10d3f4c0f67ba 19066 rt4-fcgi_4.2.8-3+deb8u2_all.deb
 ec485cc6c5ad1138b321783bc243b0ba40617926 18016 
rt4-apache2_4.2.8-3+deb8u2_all.deb
 4241bf057937a41fb6825cb6c91b6493439c7da2 17326 
rt4-db-postgresql_4.2.8-3+deb8u2_all.deb
 fc27f3be4eadf0764a24a63475a684479dd572bc 17338 
rt4-db-mysql_4.2.8-3+deb8u2_all.deb
 9e67bc8d03f246f4d0673aa4ef1ae8c3ff246c5f 17438 
rt4-db-sqlite_4.2.8-3+deb8u2_all.deb
 05c7773b3494cea4655980956d1948e48916223f 982314 
rt4-doc-html_4.2.8-3+deb8u2_all.deb
Checksums-Sha256:

Bug#864302: marked as done (request-tracker4: FTBFS due to base.pm changes in July 2016)

2017-06-18 Thread Debian Bug Tracking System

Your message dated Sun, 18 Jun 2017 21:52:31 +0100
with message-id <20170618205231.5gkvsikw7jmdo...@urchin.earth.li>
and subject line Fixed in last upload to jessie
has caused the Debian Bug report #864302,
regarding request-tracker4: FTBFS due to base.pm changes in July 2016
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864302
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: request-tracker4
Version: 4.2.8-3+deb8u1
Severity: serious
Justification: ftbfs
Tags: jessie patch

As per

http://perl.debian.net/rebuild-logs/jessie/request-tracker4_4.2.8-3+deb8u1/request-tracker4_4.2.8-3+deb8u1_amd64-2017-06-05T20:11:50Z.build

building this package was broken by the changes in perl to fix the '.'
in @INC vulnerability.

The breakage doesn't appear in the version in unstable, though it's
not immediately obvious why. There is a proposed fix in

https://anonscm.debian.org/cgit/pkg-request-tracker/request-tracker4.git/log/?h=ntyni/jessie-base-pm

Dominic.
--- End Message ---
--- Begin Message ---
Version: 4.2.8-3+deb8u2--- End Message ---

Bug#864302: marked as done (request-tracker4: FTBFS due to base.pm changes in July 2016)

Bug#864302: marked as done (request-tracker4: FTBFS due to base.pm changes in July 2016)

2 matches

Site Navigation

Mail list logo

Footer information