-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-7ddc28a14b 2021-10-13 20:25:58.837180 --------------------------------------------------------------------------------
Name : rt Product : Fedora 33 Version : 4.4.5 Release : 4.fc33 URL : http://bestpractical.com/request-tracker Summary : Request tracker Description : RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2021-38562 ---- Security fix for CVE-2021-38562 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 5 2021 Ralf Cors��pius corsepiu@fedoraproject.org - 4.4.5-4 - Add R: perl(Net::IP). - Fix broken changelog entry. * Mon Oct 4 2021 Ralf Cors��pius corsepiu@fedoraproject.org - 4.4.5-3 - Note this update addresses CVE-2021-38562 (RHBZ#2008957, RHBZ#2008958). - BR: perl(GnuPG::Interface) >= 1.02 for rt-4.4.x >= 4.4.5. - Remove anacronistic Conflict with perl(DBD::Pg) = 3.3.0. * Fri Sep 24 2021 Fedora Release Engineering releng@fedoraproject.org - 4.4.5-2 - Revert previous erronious commit. * Thu Sep 23 2021 Fedora Release Engineering releng@fedoraproject.org - 4.4.5-1 - Upgrade to rt-4.4.5. - Add BR: perl(Parallel::ForkManager). - Preps for rt-5. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2008957 - CVE-2021-38562 rt: User enumeration through a timing side-channel attack https://bugzilla.redhat.com/show_bug.cgi?id=2008957 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-7ddc28a14b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org