Accepted otrs2 5.0.16-1+deb9u5 (source all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 19 Dec 2017 10:56:05 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.16-1+deb9u5
Distribution: stretch-security
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 5)
otrs2 - Open Ticket Request System
Changes:
otrs2 (5.0.16-1+deb9u5) stretch-security; urgency=high
.
* Add patch 20-OSA-2017-10:
This fixes OSA-2017-10: An attacker can send a specially prepared email to
an OTRS system. If this system has cookie support disabled, and a logged in
agent clicks a link in this email, the session information could be leaked
to external systems, allowing the attacker to take over the agent’s
session.
Checksums-Sha1:
73b616b059b33f1884949b7684fba5d1b3a0ecf2 1838 otrs2_5.0.16-1+deb9u5.dsc
a5cc986229cad287ca37eed86dccaa87fc91cf1f 52536 otrs2_5.0.16-1+deb9u5.debian.tar.xz
740088335612419e5026849aff4194a078c6844a 7053374 otrs2_5.0.16-1+deb9u5_all.deb
06cbf2def038d6145d44ec2b398236e6478cb4d6 7279 otrs2_5.0.16-1+deb9u5_amd64.buildinfo
9723265c3ecf03bc6ebaf4ef236cbe12e63cc87d 213366 otrs_5.0.16-1+deb9u5_all.deb
Checksums-Sha256:
090df54e4bbdc318f060b9a08c25f1ad854d842d5c7d9d5f4e953c8f89287311 1838 otrs2_5.0.16-1+deb9u5.dsc
886a2bee29a6dd33b908ccf058824030d6e55e07ef15673911ba73bca60dcfaf 52536 otrs2_5.0.16-1+deb9u5.debian.tar.xz
5bf897596ecacf63ea746805f9615f897533ece292b5227e3d1101ea06b3297b 7053374 otrs2_5.0.16-1+deb9u5_all.deb
0ae229c6c4d0cec793fa3ef1ad192c6ae5d7ef9ae61c4aaee03208e2b84bca30 7279 otrs2_5.0.16-1+deb9u5_amd64.buildinfo
a64c3fb238d18cd647286777108291db6ebc76a8451032b35eec92032c78ca6b 213366 otrs_5.0.16-1+deb9u5_all.deb
Files:
819cef99e1e01d20f61eb537a6361cbe 1838 non-free/web optional otrs2_5.0.16-1+deb9u5.dsc
3fb7e12a0187f46cd075a13cad439057 52536 non-free/web optional otrs2_5.0.16-1+deb9u5.debian.tar.xz
b86fd91322b9b20e0c63af700c04c2c9 7053374 non-free/web optional otrs2_5.0.16-1+deb9u5_all.deb
e58433600fc6c27ad12dffb2d8c76213 7279 non-free/web optional otrs2_5.0.16-1+deb9u5_amd64.buildinfo
c44a669088541ea7c19c95fb823cbd0d 213366 non-free/web optional otrs_5.0.16-1+deb9u5_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAlo6HV4ACgkQEtmwSpDL
2OSK5Q//REk2gS8ZwlRUmiKYlmV7PCA86rJOuOP90WS6+X0gbAF8YFXCeKQDQ4wz
24x6rb4r9d6QQWmoEkSWoESVxiI3MOpxhs+0MEd67SBa2eld/4WiStP81Jkh3M7Q
1Bi/vRnvimDuw7gYnix0BaV06ggsC1MKRawr3e488pEDgsYWQanlFuhoMfEtAgKg
RxLy9mgkGOyUun11fMSRxqLaAbci/E5PGIJSVauMq2e8T30yHlFMv3Nl4pJIQkYH
5cezTOX0VA8H/ZNHp9OINXDjjutBNlmKai1khVJdRm/BF7ibAWZDJp1TMzY+RjU7
aaCOO0Qdc8HrZQNy9jmwK0+Yn8OsOG9AaFmpU+pgHOAb19wEKdyWFLW069hYHiGp
L69aid24ffFqmK3FU2/+OxFUJmQgyGWivWPqfCxCwVIzle7bMobR3zvumG3xN5+p
6KkNRe0rJlUCd0oyjH0rhDEF85draek8PvIajC8eEHO1aYdaepYcQMyCZ8Q+khUf
BmBMhlkTwhwTsZgduvIaL2soCGaccjV7oGrdAd/FyiMMiVQcg6y9Paxvv2b0pEFB
xDIjWdV33oLoIy6hEecfRjFz5gMWs+JnN5WEB7YcA7uYi5ygsyTdZdCRM+xOH74B
oDCNxtbWMGNbqhCb0+rGNf5z+/3yX0DYldBtQzUNmqoyq6vIPFU=
=Z84x
-----END PGP SIGNATURE-----
Reply to: