CVE-2015-1165 Information

Description

RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

Reference

http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html http://www.debian.org/security/2015/dsa-3176