Bugs fixes in "request-tracker4"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-41260 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. | 2023-12-04 |
| CVE | CVE-2023-41259 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email | 2023-12-04 |
| CVE | CVE-2021-38562 | Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing at | 2023-12-04 |
| CVE | CVE-2022-25802 | Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. | 2023-12-04 |
| CVE | CVE-2023-41260 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. | 2023-12-04 |
| CVE | CVE-2023-41259 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email | 2023-12-04 |
| CVE | CVE-2021-38562 | Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing at | 2023-12-04 |
| CVE | CVE-2022-25802 | Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. | 2023-12-04 |
About
-
Send Feedback to @ubuntu_updates
