Package "request-tracker5"

Links

Download "request-tracker5"

Other versions of "request-tracker5" in Plucky

Repository	Area	Version
base	universe	5.0.7+dfsg-2
updates	universe	5.0.7+dfsg-2ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

• rt5-apache2
• rt5-clients
• rt5-db-mysql
• rt5-db-postgresql
• rt5-db-sqlite
• rt5-doc-html
• rt5-fcgi
• rt5-standalone

Changelog

Version: 5.0.7+dfsg-2ubuntu0.1	2025-08-13 20:07:11 UTC
request-tracker5 (5.0.7+dfsg-2ubuntu0.1) plucky-security; urgency=medium   * SECURITY UPDATE: Multiple security fixes     - d/p/CVE-2025-2545_CVE-2025-30087_CVE-2025-31500_CVE-2025-       31501.patch: Fix four security issues in RT.     - debian/patches/CVE-2025-patchset-test-fix.patch: Fix test for       2025-04-08 CVE patchset     - debian/patches/CVE-2025-30087-regression.patch: Improve fix to       CVE-2025-30087     - CVE-2025-2545     - CVE-2025-30087     - CVE-2025-31500     - CVE-2025-31501  -- John Breton <email address hidden> Thu, 07 Aug 2025 12:20:28 -0400
CVE-2025-2545 Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to prot CVE-2025-30087 Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL. CVE-2025-31500 Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name. CVE-2025-31501 Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink.

---

Share this page

Bookmarks

google-chrome-beta 140.0.7339.16

Latest updates

  Packages changelogs
  Bugs & CVEs

proposed

llvm-toolchain-20 (noble)
mysql-8.4 (plucky)
mysql-8.4 (plucky)
libreoffice (plucky)
libreoffice (plucky)
malcontent (plucky)
dotnet8 (plucky)
samba (plucky)
dotnet9 (plucky)
u-boot (plucky)
simple-scan (plucky)
tecla (plucky)
malcontent (plucky)
dotnet8 (plucky)
powermgmt-base (plucky)
samba (plucky)
linux-firmware (plucky)
dotnet8 (noble)
displaycal-py3 (noble)
software-properties (noble)
samba (noble)
qemu (noble)
malcontent (noble)
ubuntustudio-installer (noble)
malcontent (noble)
heat (noble)
software-properties (noble)
qemu (noble)
simple-scan (noble)
powermgmt-base (noble)

See all

PPA updates

  PPAs

nginx-nr-agent (bionic)
google-chrome-canary (stable)
pgreplay (jammy-pgdg)
linux-restricted-signatures (noble)
linux-restricted-modules (noble)
linux-signed (noble)
linux-meta (noble)
linux-generate (noble)
linux (noble)
vivaldi-snapshot (stable)
code-insiders (stable)
firefox-trunk (plucky)
firefox-trunk (noble)
firefox-trunk (jammy)
firefox-trunk (focal)
linux-riscv-6.8 (jammy)
google-chrome-unstable (stable)
linux-signed-gkeop (noble)
pgrouting (jammy-pgdg)
pgsql-ogr-fdw (jammy-pgdg)
postgis-java (jammy-pgdg)
postgresql-17 (jammy-pgdg)
postgresql-16 (jammy-pgdg)
postgresql-15 (jammy-pgdg)
postgresql-14 (jammy-pgdg)
postgresql-13 (jammy-pgdg)
pgcluu (jammy-pgdg)
linux-meta-gkeop (noble)
linux-generate-gkeop (noble)
linux-restricted-signatures-gcp-6.8 (jammy)

See all