DLA-158-1 request-tracker3.8 - security update

Bulletin has no description...

CVE-2013-3370

Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access to private callback components, which allows remote attackers to have an unspecified impact via a direct request...

CVE-2013-3372

Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting XSS attacks via unspecified vectors...

[SECURITY] [DSA 2670-1] request-tracker3.8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2670-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 22, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2567-1] request-tracker3.8 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2567-1 [email protected] http://www.debian.org/security/ Florian Weimer October 26, 2012 http://www.debian.org/security/faq -...

DSA-2480-3 request-tracker3.8 - regression

Bulletin has no description...

DSA-2480-1 request-tracker3.8 - several

Bulletin has no description...

[BSA-022] Security Update for request-tracker3.8

Jan Wagner uploaded new packages for request-tracker3.8 which fixed the following security problems: CVE-2011-0009 It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access ...