Your message dated Sat, 24 Jun 2017 21:18:52 +0000 with message-id <e1dossc-0000t1...@fasolo.debian.org> and subject line Bug#864302: fixed in request-tracker4 4.2.8-3+deb8u2 has caused the Debian Bug report #864302, regarding request-tracker4: FTBFS due to base.pm changes in July 2016 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 864302: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864302 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: request-tracker4 Version: 4.2.8-3+deb8u1 Severity: serious Justification: ftbfs Tags: jessie patch As per http://perl.debian.net/rebuild-logs/jessie/request-tracker4_4.2.8-3+deb8u1/request-tracker4_4.2.8-3+deb8u1_amd64-2017-06-05T20:11:50Z.build building this package was broken by the changes in perl to fix the '.' in @INC vulnerability. The breakage doesn't appear in the version in unstable, though it's not immediately obvious why. There is a proposed fix in https://anonscm.debian.org/cgit/pkg-request-tracker/request-tracker4.git/log/?h=ntyni/jessie-base-pm Dominic.
--- End Message ---
--- Begin Message ---Source: request-tracker4 Source-Version: 4.2.8-3+deb8u2 We believe that the bug you reported is fixed in the latest version of request-tracker4, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 864...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Dominic Hargreaves <d...@earth.li> (supplier of updated request-tracker4 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 10 Jun 2017 23:25:11 +0100 Source: request-tracker4 Binary: request-tracker4 rt4-clients rt4-standalone rt4-fcgi rt4-apache2 rt4-db-postgresql rt4-db-mysql rt4-db-sqlite rt4-doc-html Architecture: all source Version: 4.2.8-3+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Request Tracker Group <pkg-request-tracker-maintain...@lists.alioth.debian.org> Changed-By: Dominic Hargreaves <d...@earth.li> Closes: 864302 Description: request-tracker4 - extensible trouble-ticket tracking system rt4-apache2 - Apache 2 specific files for request-tracker4 rt4-clients - mail gateway and command-line interface to request-tracker4 rt4-db-mysql - MySQL database backend for request-tracker4 rt4-db-postgresql - PostgreSQL database backend for request-tracker4 rt4-db-sqlite - SQLite database backend for request-tracker4 rt4-doc-html - HTML documentation for request-tracker4 rt4-fcgi - External FastCGI support for request-tracker4 rt4-standalone - Standalone web server support for request-tracker4 Changes: request-tracker4 (4.2.8-3+deb8u2) jessie-security; urgency=high . * Fix FTBFS due to base.pm changes (Closes: #864302) * Fix multiple security issues: - [CVE-2017-5943] CSRF verification token information leak - [CVE-2016-6127] XSS in file uploads - [CVE-2017-5361] Timing side-channel vulnerability in password verification - [CVE-2017-5944] Remote code execution in dashboard interface - Add check for incorrect RestrictLoginReferrer configuration setting * Work around a DoS vulnerability in Email::Address (CVE-2015-7686) Checksums-Sha1: 253920f51e42317d0da074bcc88861b74f6f8cb2 5629 request-tracker4_4.2.8-3+deb8u2.dsc 000a7de7337b4f0ab60fb5dbed451e610b4183f3 78564 request-tracker4_4.2.8-3+deb8u2.debian.tar.xz 8f366bd8c54808ce4d468efc5b31d7edec5a779e 3073664 request-tracker4_4.2.8-3+deb8u2_all.deb be38b9ffad749fe29b843b8baa4a58b41d32b144 51986 rt4-clients_4.2.8-3+deb8u2_all.deb 64e98c4fc9af467c918f163f0732bf121f40f1a8 16706 rt4-standalone_4.2.8-3+deb8u2_all.deb 745bf82d49eec132db122ab495b10d3f4c0f67ba 19066 rt4-fcgi_4.2.8-3+deb8u2_all.deb ec485cc6c5ad1138b321783bc243b0ba40617926 18016 rt4-apache2_4.2.8-3+deb8u2_all.deb 4241bf057937a41fb6825cb6c91b6493439c7da2 17326 rt4-db-postgresql_4.2.8-3+deb8u2_all.deb fc27f3be4eadf0764a24a63475a684479dd572bc 17338 rt4-db-mysql_4.2.8-3+deb8u2_all.deb 9e67bc8d03f246f4d0673aa4ef1ae8c3ff246c5f 17438 rt4-db-sqlite_4.2.8-3+deb8u2_all.deb 05c7773b3494cea4655980956d1948e48916223f 982314 rt4-doc-html_4.2.8-3+deb8u2_all.deb Checksums-Sha256: 6f759c001d865196694323cd77c9e227a95904224bda0c84f057ebb873f5a5bd 5629 request-tracker4_4.2.8-3+deb8u2.dsc 7686f9ec7bea98d4c9fdecb76b6a846f55e2f12f0d7133e7e4f61a9f7b43e902 78564 request-tracker4_4.2.8-3+deb8u2.debian.tar.xz 5817d9fac54b9aeec1153c93a5798e966279642e06e0ffb5a2c891b6d6c0a577 3073664 request-tracker4_4.2.8-3+deb8u2_all.deb 4f8263c192be0e4bd3f0cefcd126a9965d432770e1ab64081ab7320bb06a9201 51986 rt4-clients_4.2.8-3+deb8u2_all.deb 615f6fb07a952472790152a7e4be550ce33e3a6686119573bc4c3ff02fec8e91 16706 rt4-standalone_4.2.8-3+deb8u2_all.deb 6d85dbb7ae624f0519a51c9c953de4e5a7becedfbebabb7334a3b5a1908229c0 19066 rt4-fcgi_4.2.8-3+deb8u2_all.deb a9df4c9d426556cbbfbc9be09be74a4a497574d5f4a8056ef09b0a15e394a473 18016 rt4-apache2_4.2.8-3+deb8u2_all.deb 42b18ba9ed170b2cc5fa533a34caa25f93361296860fef60682b0ea5fd0c531a 17326 rt4-db-postgresql_4.2.8-3+deb8u2_all.deb a651e0feb1570518a9cd814e3873b1c658d2dbfcf4ffa942c7c9dcb973d0168e 17338 rt4-db-mysql_4.2.8-3+deb8u2_all.deb 07345719e4d05701a42118728632327695fa771049807423999ee2534615ce60 17438 rt4-db-sqlite_4.2.8-3+deb8u2_all.deb 632d93626f69ec019bf3874068703a217246ecb4ad38227d7ae7a800c0053a47 982314 rt4-doc-html_4.2.8-3+deb8u2_all.deb Files: 0833e294412da55f7cee08f56a1cecc0 5629 misc optional request-tracker4_4.2.8-3+deb8u2.dsc 07b9879ce7f15eb58f965b09eeeb5df5 78564 misc optional request-tracker4_4.2.8-3+deb8u2.debian.tar.xz 213b3d14e5fcd7a028faf0a810922175 3073664 misc optional request-tracker4_4.2.8-3+deb8u2_all.deb 8d2657d25cd93f6911aa440d205ad709 51986 misc optional rt4-clients_4.2.8-3+deb8u2_all.deb 25d1629fe1a1d9493fba29225fd03d6a 16706 misc optional rt4-standalone_4.2.8-3+deb8u2_all.deb c47fea0128687786b5d5e247ef26364f 19066 misc optional rt4-fcgi_4.2.8-3+deb8u2_all.deb c127524044b9b49ceecd48c40fe5574f 18016 misc optional rt4-apache2_4.2.8-3+deb8u2_all.deb d892812c5c474eb055dec399a18e0050 17326 misc optional rt4-db-postgresql_4.2.8-3+deb8u2_all.deb c712018af0c4b969a516dfb11c1401dc 17338 misc optional rt4-db-mysql_4.2.8-3+deb8u2_all.deb 5af141024af30f80463d564e8e0f2129 17438 misc optional rt4-db-sqlite_4.2.8-3+deb8u2_all.deb 04d240bac23cce41c3897603a118a2f4 982314 doc optional rt4-doc-html_4.2.8-3+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJZQXstAAoJEMAFfnFNaU+yv3sP/jUWXEN9nDlfD8aeHA+XByP4 whLSFHiYMzgBaJqG+DT0aeykAch5p1q2J91ZAcLE+BeS+QQI1gJWAKHI4X9W4TyP iqDB1zjk4O7QC84cnXGMobfJejg5L/qyaqJAAfhPkxKtscFYTRj+5210wz235hfW HKRb1A5gMlhPkjVLUoQSEQ01vbtVGFjVjN8WxXtI45ohMxbN9rZfSZTAwNURCp0+ UdUM3Tjy+y6gKShgbPuRCqdZVOfRcuhisSyMdN9Yy0fRmjuMfJL1TJU5m5/9HUmG cim2FPTmFnIlfAQYLDvid9vSQine7kSQbgSPC07s1nzcI74KXP5hWZC0m8k+saI7 iiqg3Bgv9dvPWsEHPbyqn5hoGD9Bx3LHLuOFleYBby6vD5ZB34Ylk4l9e1/Mtjiu jtGnF43iHmdHqvCdi37GplQwIa5sAAGEmxP0vs6+bCwyRVmwkIHFknIpnPnSHfv2 gqq6g7Vx0SbVCWroKQIO2CpaETw0xndE11FUt9/YBMrkBtPh9pmeVY6EIC7RzLxw qxQpcni+7QpefRMTJz/4tmtqKIJMzb8+eVYJ0qMGMsa+GLhryvTT2jCjubbVKMNe 8+yp3muiWUgJpjLsheXK9kP24WeWRzqE7sxG1HQZq+a32m5wIKBHtBd6YPWzHGEs 04xadN1AF1XfqMk9C+WG =Q7SB -----END PGP SIGNATURE-----
--- End Message ---
