[ubuntu/zesty-updates] otrs2 5.0.16-1+deb9u3build0.17.04.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Nov 28 17:58:19 UTC 2017
otrs2 (5.0.16-1+deb9u3build0.17.04.1) zesty-security; urgency=medium
* fake sync from Debian
otrs2 (5.0.16-1+deb9u3) stretch-security; urgency=high
* Add patch 17-CVE-2017-16664:
This fixes OSA-2017-07, also known as CVE-2017-16664: An attacker who is
logged into OTRS as an agent can request special URLs from OTRS which can
lead to the execution of shell commands with the permissions of the web
server user.
Closes: #882370
Date: 2017-11-28 16:03:24.262745+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/otrs2/5.0.16-1+deb9u3build0.17.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list