| Package | request-tracker4 |
|---|---|
| Version | 4.4.3-2+deb10u4 (buster) |
| Related CVEs | CVE-2024-3262 CVE-2025-2545 CVE-2025-30087 |
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.
For Debian 10 buster, these problems have been fixed in version 4.4.3-2+deb10u4.
We recommend that you upgrade your request-tracker4 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.