Your message dated Thu, 21 Jul 2022 07:19:22 +0000
with message-id <e1oeqsw-0005pk...@fasolo.debian.org>
and subject line Bug#985704: fixed in request-tracker5 5.0.3+dfsg-1
has caused the Debian Bug report #985704,
regarding request-tracker5: broken symlinks:
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/{pgsql,sqlite3}/4.5.[0-7]
-> ../mysql/4.5.[0-7]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
985704: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985704
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: request-tracker5
Version: 5.0.1+dfsg-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
>From the attached log (scroll to the bottom...):
1m16.4s ERROR: FAIL: Broken symlinks:
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/sqlite3/4.5.7 ->
../mysql/4.5.7 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/sqlite3/4.5.6 ->
../mysql/4.5.6 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/sqlite3/4.5.3 ->
../mysql/4.5.3 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/sqlite3/4.5.1 ->
../mysql/4.5.1 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.7 ->
../mysql/4.5.7 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.6 ->
../mysql/4.5.6 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.5 ->
../mysql/4.5.5 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.4 ->
../mysql/4.5.4 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.3 ->
../mysql/4.5.3 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.1 ->
../mysql/4.5.1 (request-tracker5)
/usr/share/dbconfig-common/scripts/request-tracker5/upgrade/pgsql/4.5.0 ->
../mysql/4.5.0 (request-tracker5)
cheers,
Andreas
request-tracker5_5.0.1+dfsg-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: request-tracker5
Source-Version: 5.0.3+dfsg-1
Done: Andrew Ruthven <and...@etc.gen.nz>
We believe that the bug you reported is fixed in the latest version of
request-tracker5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 985...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andrew Ruthven <and...@etc.gen.nz> (supplier of updated request-tracker5
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 21 Jul 2022 17:06:28 +1200
Source: request-tracker5
Architecture: source
Version: 5.0.3+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Andrew Ruthven <and...@etc.gen.nz>
Changed-By: Andrew Ruthven <and...@etc.gen.nz>
Closes: 984676 985704 988905 995167
Changes:
request-tracker5 (5.0.3+dfsg-1) unstable; urgency=medium
.
* New upstream release (Closes: #988905).
* Drop patches merged upstream:
- use_webpath_for_relateddata_links.diff
- rt-crypt-gnupg-combine-call.diff
* Ensure package descriptions consistently refer to version 5
(Closes: #984676).
* Ensure a sane database admin user is specified for both PostgreSQL
and MySQL.
* Only create symlinks for the DB upgrade scripts we ship (Closes: #985704).
* Fixes a security vulnerability that involves a login timing side-channel
attack. This resolves CVE-2021-38562 (Closes: #995167)
* Update fix_test_ldap_ipv4.diff for new test
t/externalauth/ldap_email_login.t
* Add missing dependencies on dbconfig-{mysql,postgresql,sqlite3}.
* Refresh debian/copyright
* Fix multiple security issues:
- [CVE-2022-25803] RT 5.0 is vulnerable to unvalidated, or open,
redirects in ticket searches.
- [CVE-2022-25802] A cross-site scripting (XSS) issue when displaying
attachment content with fraudulent content types. This vulnerability
is assigned
- Not performing full rights checks on access to file or image type
custom fields, possibly allowing access to these custom fields by
users without rights to access to the associated objects (like the
ticket it is associated with).
* RT is incompatible with Test::WWW::Mechanize 1.58, exclude that version.
* Update upstream signing key.
* Update Standards-Version to 4.6.1 (no changes)
Checksums-Sha1:
84f1c0c1f289e8954b540a477889b3e822533c4c 6145 request-tracker5_5.0.3+dfsg-1.dsc
ef0b663b6363cabf3845f7f6bd5b508d66b0929e 3217706
request-tracker5_5.0.3+dfsg.orig-third-party-source.tar.gz
4f043bd95000923aa8189403b73f52b720c534de 18601901
request-tracker5_5.0.3+dfsg.orig.tar.gz
307b425a830f9ff3df679e2d365a02a8c566bdcb 455
request-tracker5_5.0.3+dfsg.orig.tar.gz.asc
659756e812249ae6187e5e7c496595f2939d45bf 88348
request-tracker5_5.0.3+dfsg-1.debian.tar.xz
b4e2d5c6472dea65fb8b70b14a1264754de25c90 22317
request-tracker5_5.0.3+dfsg-1_amd64.buildinfo
Checksums-Sha256:
0d22ae2ee6d68d6306be0c6ecf8bb4996a83dc1c562527b83181bc9e79b1c165 6145
request-tracker5_5.0.3+dfsg-1.dsc
49b856ff23be2f5265c7b3460ac3d49ef24e4462b8165d39fbb12b7776d0e66a 3217706
request-tracker5_5.0.3+dfsg.orig-third-party-source.tar.gz
e23aee3cb291ccad5e521aeabe0fcd2f076bcfa8b7f801af498a7505e53d8441 18601901
request-tracker5_5.0.3+dfsg.orig.tar.gz
6cfc32a9bf2d09768a5ac2b103f21d6675dfc3490c06190562296e5b2082ccce 455
request-tracker5_5.0.3+dfsg.orig.tar.gz.asc
f0ad088001c12ec681afbdc139aadcf584ddee22c9b86446bab5635c9e6045f8 88348
request-tracker5_5.0.3+dfsg-1.debian.tar.xz
c13d56e62d8ef77fdbf0524ac1646117378803378e9240b2826f540bec6cb6ab 22317
request-tracker5_5.0.3+dfsg-1_amd64.buildinfo
Files:
1696c4fd66753b9230c6f44c6ff11d7d 6145 misc optional
request-tracker5_5.0.3+dfsg-1.dsc
7e052f0715b42102e6387f6e398a6e87 3217706 misc optional
request-tracker5_5.0.3+dfsg.orig-third-party-source.tar.gz
ec8a8fc2fbbf1ccebb4825ca0e2aeac5 18601901 misc optional
request-tracker5_5.0.3+dfsg.orig.tar.gz
f52489a073fb418b7bc68a6bb672299e 455 misc optional
request-tracker5_5.0.3+dfsg.orig.tar.gz.asc
e56b7db42dd0d1d5855089d688810e37 88348 misc optional
request-tracker5_5.0.3+dfsg-1.debian.tar.xz
ce3fc248bc6303a3a80b282bba1e2c3d 22317 misc optional
request-tracker5_5.0.3+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExgP8TmAPHOzRyNl8S1PZMeTT6GMFAmLY+aYACgkQS1PZMeTT
6GP5yg//Ufr28Yhrmt80zbQI7gbo6yV5kSc/hSIPHeAsnpZftwPrPF23unRC8Y/V
rubcZay115wzHUGud+x0GTNykjQFCcf5b6anXaCoB9IyQwD9/iveDiMLa+ZSg/y0
oDWpawrv+i6U672uRCBawiY7MulEqwfw1Lk06vPKq8O1fnbIo0V1awZw6GQh2KBA
/fJ/HIY3zwOz0SrLrM97XufJSZRiOQbz1AFAUv4fPrFC3XvVOw6YmoXSDv2b9xdL
1//gnnH6qVENWbkYn07e46pTeuIiH4u59udqfsGfHGKfKVNtMHWC1cymDxClSgsl
LNWwkMSGyhv5wjomo3WTzVKnXBTeQw6Yzv8NAguWEfpMZMozzgItUnJcONyP+HFC
bzE9da9YbwDBVmZ2zqLAGyYRSq1jTxYCWHvO5qCGZrI4CeSz/C/KALbfKYSxxvJ6
8Bg5on6nO6WEFJkzdAIgxniO6ZB1jSSA1IAreMZPC6n8rGAPFC6QhaRZlvchUVvK
Q8XpF5yFZJjraVEKofYiuzZJRZooVK9C4YlvgtR/iwoo2DtLCyJyUyWhWYzUSAJ8
qLq8IQ8IeePbcrh7j8YvLCwPSZGs+suIoZVYh9v8OEqgJ6DrHQvjV3TQKhHO5VQw
MoYWLT9AuWcx443QU9B6u7iHbDTIAksU2zchydjsPhZBiZF1CSw=
=RysF
-----END PGP SIGNATURE-----
--- End Message ---
