kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/devel/rt4
History
ryoon 78cfa9cc40 Update to 4.2.12 
Changelog:
This release is a security release which addresses the following
vulnerabilities:

RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack via
the user and group rights management pages.  This vulnerability is assigned
CVE-2015-5475.  It was discovered and reported by Marcin Kopeć at Data Reliance
Shared Service Center.

RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack
via the cryptography interface.  This vulnerability could allow an attacker
with a carefully-crafted key to inject JavaScript into RT's user interface.
Installations which use neither GnuPG nor S/MIME are unaffected.
2016-01-30 23:54:20 +00:00
..
patches
DESCR
dirs.mk
distinfo Update to 4.2.12 2016-01-30 23:54:20 +00:00
INSTALL Update to 4.2.12 2016-01-30 23:54:20 +00:00
Makefile Update to 4.2.12 2016-01-30 23:54:20 +00:00
MESSAGE Update to 4.2.12 2016-01-30 23:54:20 +00:00
options.mk
PLIST Update to 4.2.12 2016-01-30 23:54:20 +00:00