DSA-2567-1: request-tracker3.8 - several
Published: Oct 26, 2012 (source: Google OSV, osv.dev)
CVSS2: 6.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:P)
  Access Vector:          NETWORK
  Access Complexity:      MEDIUM
  Authentication:         NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact:       PARTIAL
  Availability Impact:    PARTIAL

Several vulnerabilities were discovered in Request Tracker (RT), an issue
tracking system.

  • CVE-2012-4730
    Authenticated users can add arbitrary headers or content to
    mail generated by RT.
  • CVE-2012-4732
    A CSRF vulnerability may allow attackers to toggle ticket
    bookmarks.
  • CVE-2012-4734
    If users follow a crafted URI and log in to RT, they may
    trigger actions which would ordinarily be blocked by the CSRF
    prevention logic.
  • CVE-2012-6578,
    CVE-2012-6579,
    CVE-2012-6580,
    CVE-2012-6581
    Several different vulnerabilities in GnuPG processing allow
    attackers to cause RT to improperly sign outgoing email.
  • CVE-2012-4884
    If GnuPG support is enabled, authenticated users can
    create arbitrary files as the web server user, which may
    enable arbitrary code execution.

Please note that if you run request-tracker3.8 under the Apache web
server, you must stop and start Apache manually. The restart
mechanism is not recommended, especially when using mod_perl.

For the stable distribution (squeeze), these problems have been fixed
in version 3.8.8-7+squeeze6.

For the unstable distribution (sid), these problems have been fixed in
version 4.0.7-2 of the request-tracker4 package.

We recommend that you upgrade your request-tracker3.8 packages.
