A vulnerability has been reported in RT, which can exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "Devel::StackTrace" Perl module and can be exploited to exhaust all available memory or consume all CPU resources. Successful exploitation requires that the attacker is a privileged RT user. The vulnerability is reported in 3.x versions prior to 3.6.7. SOLUTION: Update to version 3.6.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits Rune Hammersland. ORIGINAL ADVISORY: http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html
Added rt-3.6.7. Unstable on all arches. Removed vulnerable versions. webapps done.
Done for us, thanks.