Candidate: CVE-2012-4732
PublicDate: 2012-11-11 13:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4732
 http://www.debian.org/security/2012/dsa-2567
Description:
 Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT)
 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions
 before 4.0.8, allows remote attackers to hijack the authentication of users
 for requests that toggle ticket bookmarks.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_request-tracker4:
upstream_request-tracker4: released (4.0.7-2)
hardy_request-tracker4: DNE
lucid_request-tracker4: DNE
oneiric_request-tracker4: ignored (reached end-of-life)
precise_request-tracker4: ignored (reached end-of-life)
precise/esm_request-tracker4: DNE (precise was needed)
quantal_request-tracker4: ignored (reached end-of-life)
raring_request-tracker4: not-affected (4.0.7-2)
saucy_request-tracker4: not-affected (4.0.7-2)
trusty_request-tracker4: not-affected (4.0.7-2)
trusty/esm_request-tracker4: DNE (trusty was not-affected [4.0.7-2])
utopic_request-tracker4: not-affected (4.0.7-2)
vivid_request-tracker4: not-affected (4.0.7-2)
vivid/stable-phone-overlay_request-tracker4: DNE
vivid/ubuntu-core_request-tracker4: DNE
wily_request-tracker4: not-affected (4.0.7-2)
xenial_request-tracker4: not-affected (4.0.7-2)
yakkety_request-tracker4: not-affected (4.0.7-2)
zesty_request-tracker4: not-affected (4.0.7-2)
devel_request-tracker4: not-affected (4.0.7-2)

Patches_request-tracker3.8:
upstream_request-tracker3.8: released (3.8.8-7+squeeze6)
hardy_request-tracker3.8: DNE
lucid_request-tracker3.8: released (3.8.7-1ubuntu2.3)
oneiric_request-tracker3.8: released (3.8.10-1ubuntu0.1)
precise_request-tracker3.8: released (3.8.11-1ubuntu0.1)
precise/esm_request-tracker3.8: DNE (precise was released [3.8.11-1ubuntu0.1])
quantal_request-tracker3.8: DNE
raring_request-tracker3.8: DNE
saucy_request-tracker3.8: DNE
trusty_request-tracker3.8: DNE
trusty/esm_request-tracker3.8: DNE
utopic_request-tracker3.8: DNE
vivid_request-tracker3.8: DNE
vivid/stable-phone-overlay_request-tracker3.8: DNE
vivid/ubuntu-core_request-tracker3.8: DNE
wily_request-tracker3.8: DNE
xenial_request-tracker3.8: DNE
yakkety_request-tracker3.8: DNE
zesty_request-tracker3.8: DNE
devel_request-tracker3.8: DNE