Accepted otrs2 5.0.23-1 (source all) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Sep 2017 10:42:32 +0200
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.23-1
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 5)
otrs2 - Open Ticket Request System
Closes: 876462
Changes:
otrs2 (5.0.23-1) unstable; urgency=high
.
* New upstream release.
- This fixes OSA-2017-04, also known as CVE-2017-14635: An attacker who is
logged into OTRS as an agent with write permissions for statistics can
inject arbitrary code into the system. This can lead to serious problems
like privilege escalation, data loss, and denial of service.
Closes: #876462
- Refresh patch 07-otrs-business-check.
- Refresh patch 09-disable-DashboardProductNotify.
- Refresh patch 11-do-not-test-file-writes.
- Refresh patch 14-font-paths.
* Bump Standards-Version to 4.1.0 (no changes required).
Checksums-Sha1:
23630e93793b37ea60d0328715da83e4e60b7df8 1811 otrs2_5.0.23-1.dsc
3bf7973acea1871d54dc7950203543b801747c29 20617459 otrs2_5.0.23.orig.tar.bz2
6db4263d55e03d709881308390f9541c985a8a01 45448 otrs2_5.0.23-1.debian.tar.xz
217565ba8a812664725c7e27fe2bc1dbf12e23e4 7423940 otrs2_5.0.23-1_all.deb
139268e037e87e74c18767456b455a069a4af3d8 7461 otrs2_5.0.23-1_amd64.buildinfo
670dc22b6666b1dc5f8a8ae016036070bbe6537e 221318 otrs_5.0.23-1_all.deb
Checksums-Sha256:
f32c8e8424991b32e4935619a984a802e95d18280aa9398e8b058541d6335c40 1811 otrs2_5.0.23-1.dsc
5e12affbccde0cae5738de1d0c7334e655b4c373ea668913ec54f31564b128c4 20617459 otrs2_5.0.23.orig.tar.bz2
b0872483e218162df871ce7f8dff030df2cc1bbb87d48555d25ecc19ee97010a 45448 otrs2_5.0.23-1.debian.tar.xz
df5e2cb57db60cda963bccfbf7377916b4ec3db9c4e8af223ef98923c4bd20cd 7423940 otrs2_5.0.23-1_all.deb
7ee2f0da08d24bd624a5ea67d55914605b0589b58fdb6d74b4a972150d893000 7461 otrs2_5.0.23-1_amd64.buildinfo
0151020298c855e189df8220e3abf1a9e9e17581e5e622ded60767c2eed5861e 221318 otrs_5.0.23-1_all.deb
Files:
14b2e3fc8fb2c5a4d07798b6d621cce4 1811 non-free/web optional otrs2_5.0.23-1.dsc
28ab33486648dd4f6f994429636d9c27 20617459 non-free/web optional otrs2_5.0.23.orig.tar.bz2
10ef95fa4d183638cecb82c1b3552d63 45448 non-free/web optional otrs2_5.0.23-1.debian.tar.xz
cc0334c9696939d6620d59ebc98d88a2 7423940 non-free/web optional otrs2_5.0.23-1_all.deb
9f638b8fb891af99583f894357ac6ac2 7461 non-free/web optional otrs2_5.0.23-1_amd64.buildinfo
b70edd934a2734902995dd19d0c10ef1 221318 non-free/web optional otrs_5.0.23-1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAlnMt6gACgkQEtmwSpDL
2OTPEg//VE248Gt8A9I4fobIPiAeFDBELtmjgR6tm0CRgY8SGE9B1cLb+68jweIZ
GJDAVWjvvFeRlKq0XtAO8gbtCstrM63My/zvc5Tb7oUcXGGJn8uxRzSO5qRA1rti
pZ7BvqtTfLL9YoGvpeW8JQyki+xI3U2N7GuM1Wpd8W4E3y1DS672rFe0bInFJ9sZ
H4Z2Q9032+2j2dKXYu7Tyvtp9dIX8GYVah3IeBXs/py7IZkflBJojuT10Enm85a7
UKSLw40FOb50JJ6i/Ym4RgTCVGy5yzsi3eIbtkr5MdlTvUiOW/xCHc6no2wRZbSM
AG/BfNbBjjmUiOPZR1Uwv0IyCORw9+brRc495YVOIRmevaRZYuS461cDf1yqWHI3
bsxnLwBsaN+X3JuV63sKXjaYg3wJtYWwbGYIfQpudpkDUG4Yh9T2gS+45vRSE0oI
DmoY9feQkI0zb/N4R0K9GmECxGtU5FLX/i4u4tMJBgVZqi2c2xXOMdcHx87/DRcG
SEWUsuPnjGtEDzDM+KpKl74oueQSRA4liCPBIGbfltzW84xO8r0UOl04dRd/0LcW
Otr5BeK2AtsFthzN/sffRJ11IVHuG2hHHr4oLqHw1I2ZR1Jax5gURkyWknf9aNBX
uYMG+QcCsaM08M4uYA8M9rIe2LgUxuE2Up3ZGYEKSI0SIWusZX4=
=3Lx0
-----END PGP SIGNATURE-----
Reply to: