request-tracker5 (5.0.3+dfsg-3~deb12u3) bookworm-security; urgency=medium

  The default cipher for encrypting SMIME email has been changed from 3DES
  (des3) to aes-128-cbc. If you need to use des3, use the new Crypt option.

  There is an information exposure vulnerability due to browser cache usage.
  If you have sensitive information enable the $WebStrictBrowserCache option

 -- Andrew Ruthven <andrew@etc.gen.nz>  Wed, 15 May 2024 21:56:41 +1200

request-tracker5 (5.0.3+dfsg-1) unstable; urgency=medium

  Below are some specific notes about changes in this major new release
  of RT, but please also review in full the notes in
  /usr/share/doc/request-tracker5/UPGRADING-5.0.gz and
  /usr/share/doc/request-tracker5/README.Debian.gz.

  This version of RT incorporates several new plugins, which should be removed
  from the system if installed locally to prevent conflicts:

  * RT::Extension::QuoteSelection
  * RT::Extension::RightsInspector
  * RT::Extension::ConfigInDatabase
  * RT::Extension::CustomRole::Visibility
  * RT::Extension::PriorityAsString
  * RT::Extension::AssetSQL
  * RT::Extension::LifecycleUI
  * RT::Extension::REST2
  * RT::Authen::Token

  A bug with the Mason cache introduced in 4.4.5 is fixed. This mostly
  impacted RTIR users, but could show up with broken links in other cases
  also.

 -- Andrew Ruthven <andrew@etc.gen.nz>  Thu, 21 Jul 2022 17:06:28 +1200