[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted otrs2 5.0.16-1+deb9u2 (source all) into proposed-updates->stable-new, proposed-updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 06 Nov 2017 15:22:44 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.16-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
 otrs       - Open Ticket Request System (OTRS 5)
 otrs2      - Open Ticket Request System
Closes: 876462
Changes:
 otrs2 (5.0.16-1+deb9u2) stretch-security; urgency=high
 .
   * Add patch 16-CVE-2017-14635:
     This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
     logged into OTRS as an agent with write permissions for statistics can
     inject arbitrary code into the system. This can lead to serious problems
     like privilege escalation, data loss, and denial of service.
     Closes: #876462
Checksums-Sha1:
 5655db3601cf33f09ea61489f08278d6bf2534f6 1838 otrs2_5.0.16-1+deb9u2.dsc
 5538c2b9138a0b6d5816ff034507dd5ce26abf8d 19417591 otrs2_5.0.16.orig.tar.bz2
 07a432686256089532a2eae170cd41c9e95aeea8 49336 otrs2_5.0.16-1+deb9u2.debian.tar.xz
 960222a0fe0bf4d45cfc007d346c4daa07c738dd 7053058 otrs2_5.0.16-1+deb9u2_all.deb
 102937f5fbb265d12bb03462a7c033f064ad2b74 7244 otrs2_5.0.16-1+deb9u2_amd64.buildinfo
 7f076896f13bf4bf58302d75bfb8aff9a6595623 213016 otrs_5.0.16-1+deb9u2_all.deb
Checksums-Sha256:
 65e92d009a89eefc3f63d3548d854b49d7bb7c7e3635823bee136ae0b3308f5d 1838 otrs2_5.0.16-1+deb9u2.dsc
 ddec039990c1bdfc27299ab175eff3e1665aa99ba48050f7f2dde480b28f4029 19417591 otrs2_5.0.16.orig.tar.bz2
 41f0e5896b4e6c057cdc832284d300d783111d1a0bda07d273aab162cf5ec9f5 49336 otrs2_5.0.16-1+deb9u2.debian.tar.xz
 e4d8e1e7859f360dce30a4fbf91e82ead507610c3ebace0e492f64bcf59b93e3 7053058 otrs2_5.0.16-1+deb9u2_all.deb
 27dca46f41693309b5c7b612c93d77f34bc235bf1f9f84332b24acfbb29f8e11 7244 otrs2_5.0.16-1+deb9u2_amd64.buildinfo
 dbd387ecf16b9314a361b3405e9b7864bbff7eb17d05e947270e6d6066bf7843 213016 otrs_5.0.16-1+deb9u2_all.deb
Files:
 86ce04c7c2f5062cf263223bd1a373c9 1838 non-free/web optional otrs2_5.0.16-1+deb9u2.dsc
 9fe21e6993bcac71247fdcaf5e1f4e55 19417591 non-free/web optional otrs2_5.0.16.orig.tar.bz2
 66cd6c830e1844ae341f8182d64b8f5a 49336 non-free/web optional otrs2_5.0.16-1+deb9u2.debian.tar.xz
 62d6b4e61ba29715a47e12ea7a912a4d 7053058 non-free/web optional otrs2_5.0.16-1+deb9u2_all.deb
 56d00a735d6c411f884f5fbc462ac74d 7244 non-free/web optional otrs2_5.0.16-1+deb9u2_amd64.buildinfo
 1494511f24abab4e879e33a38b278b99 213016 non-free/web optional otrs_5.0.16-1+deb9u2_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAloAcc8ACgkQEtmwSpDL
2OTSNw/9GAwal8NbhrRyNn1RvxWF8msT48ES0NFUL0gmc0jQTRPtsEY1c01wV2Hm
jiAHhRcfM3CUxQuF7gO/EazVDcotl8JunHOFvqgiOiJG+fSpkJK9l7DoWGLtba88
BtYlaAuuwrAAhm9YOilNKMrrOKspOhAL4F8o7P/V61X7W9IOjfIuCeAijP47BCX2
p6MwNBfNhF7L9fNoVLMoZMgUMpkkvEgUx1tJSf4lX1dOLlnPOiDAKtuB5zcQuorb
jwu9MHPKWUGo6qVoKJ7KLyjrKgmTWxpbYsI0Yfr2IZWdwLwqhaqWcD7wQv/7A0xo
99dwoEwKh9+aXD4169W0sR3VJElJxO3bSK/sYNXJfSJOGo5XxASi1x+zDLOaBFU2
CI4xUTICEHxZ1gV0iCvJL8oS0jUyd8XXtRO30GiegC/OQ1sKTPu4TLEfJLGVF817
7LlpfSsE8styOc3vrO+CFxTj/2TICy4fC5Pe14+aunO5uAz2rFlNarmyfwNCafuo
GRTw7gImeOCEVDo9iwSjdq/OOKWhHfyh6xpZx7YErVvq8VvXdkFvmVolYHonxNKM
OjYAKvJw7HD3VZAyWg0VCyh8pOJ9/nyb09eij7OPDCOxiIidd/+WuPlh18TaqX4Y
Vw1s9UeVAptq78EtZuww6hUmUwsozbhLksIuX2ajjbO7o1IU9Ko=
=IWgL
-----END PGP SIGNATURE-----
Reply to: