[ubuntu/artful-proposed] otrs2 5.0.23-1 (Accepted)
Jeremy Bicha
jeremy at bicha.net
Thu Sep 28 22:51:05 UTC 2017
otrs2 (5.0.23-1) unstable; urgency=high
* New upstream release.
- This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
logged into OTRS as an agent with write permissions for statistics can
inject arbitrary code into the system. This can lead to serious problems
like privilege escalation, data loss, and denial of service.
Closes: #876462
- Refresh patch 07-otrs-business-check.
- Refresh patch 09-disable-DashboardProductNotify.
- Refresh patch 11-do-not-test-file-writes.
- Refresh patch 14-font-paths.
* Bump Standards-Version to 4.1.0 (no changes required).
Date: 2017-09-28 16:36:42.111205+00:00
Signed-By: Jeremy Bicha <jeremy at bicha.net>
https://launchpad.net/ubuntu/+source/otrs2/5.0.23-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list