Ubuntu
request-tracker3.8 package

RequestTracker 3.8 lacking a security fix for several CVE vulnerabilites

Asked by Staffan Emrén on 2012-07-02

There are several vulnerabilites for RequestTracker 3.8, and recently there was a security update (DSA 2480-1) for debian regarding the CVE-IDs CVE-2011-2082, CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458, CVE-2011-4459 and CVE-2011-4460. It's been some time now since that security update was released. Will there be a similar security update for the Ubuntu 10.04 RT-package?

Best regards

Staffan Emrén
Uppsala Learning Lab, Uppsala University

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu request-tracker3.8 Edit question

Assignee:: No assignee Edit question

Last query:: 2012-07-02

Last reply:: 2012-07-03

Revision history for this message

Manfred Hampl (m-hampl) said on 2012-07-03:

I think the vulnerabilities you are talking about are covered in bug 1004834

There is a patch for the lucid version already available, but no information about a planned rollout.

Can you help with this problem?

Provide an answer of your own, or ask Staffan Emrén for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Ubunturequest-tracker3.8 package

RequestTracker 3.8 lacking a security fix for several CVE vulnerabilites

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers

Ubuntu
request-tracker3.8 package