[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted otrs2 5.0.24-1 (source all) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 22 Nov 2017 16:33:29 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.24-1
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
 otrs       - Open Ticket Request System (OTRS 5)
 otrs2      - Open Ticket Request System
Closes: 882370
Changes:
 otrs2 (5.0.24-1) unstable; urgency=high
 .
   * New upstream release.
     - This fixes OSA-2017-07, also known as CVE-2017-16664: An attacker who is
       logged into OTRS as an agent can request special URLs from OTRS which can
       lead to the execution of shell commands with the permissions of the web
       server user.
       Closes: #882370
   * Merge 3.3.18-1+deb8u1, 3.3.18-1+deb8u2, 5.0.16-1+deb9u2, 5.0.16-1+deb9u3
     and 5.0.23-1~bpo9+1 changelog.
   * Use secure URI in debian/watch and for the homepage field.
   * Bump Standards-Version to 4.1.1 (no changes required).
Checksums-Sha1:
 8fe974b41b240e6efd5e799cbb86638c37f4a530 1812 otrs2_5.0.24-1.dsc
 8444fe941050238cc6aaf8e53d0de832731a6719 20661272 otrs2_5.0.24.orig.tar.bz2
 5558202e60d527cb23d93df7fbcf43064139fc8d 45752 otrs2_5.0.24-1.debian.tar.xz
 1e341365ab8a481f959b383af395a132ed91fcb9 7425784 otrs2_5.0.24-1_all.deb
 50cac87a2bfe1aca9d466d8c02edbd4ff9c52c6c 7481 otrs2_5.0.24-1_amd64.buildinfo
 4c789dfeb7015e7a7dc9f42affdcb61a1ae6ec3e 223008 otrs_5.0.24-1_all.deb
Checksums-Sha256:
 185829602e12e8b6766bf69a7f9eedae8c1e7435b7f10be958503f6d98cf9f2d 1812 otrs2_5.0.24-1.dsc
 b7171baaf5252a763f858ea3ae3b44ad1024eb722834852dcddb0117d8cbf261 20661272 otrs2_5.0.24.orig.tar.bz2
 bf827bacc83219e24b2fcd773700bd412baeed7b76abaa2c5a73b1c175623284 45752 otrs2_5.0.24-1.debian.tar.xz
 214b2e01f9f51de10421eaa96884d3d3bf5dcfe20c20648fdc6aab3cf1ae1fc5 7425784 otrs2_5.0.24-1_all.deb
 c82f3136d4145f40a9065c0802f8b5d68e2edbdb39f43df2666709354c6d5291 7481 otrs2_5.0.24-1_amd64.buildinfo
 fbc88d284f990c54f096c5785f454cdb6d6e1bcdab767c6014972b5cb73e1e65 223008 otrs_5.0.24-1_all.deb
Files:
 63d5ebdff2a34ea14db9a672ae882486 1812 non-free/web optional otrs2_5.0.24-1.dsc
 e04711ff0b13d1b11475554b9ee6ee4d 20661272 non-free/web optional otrs2_5.0.24.orig.tar.bz2
 fb454ed1c3812951c15a56738b9d1028 45752 non-free/web optional otrs2_5.0.24-1.debian.tar.xz
 0e1404f2716335a2cf47a4483df550e5 7425784 non-free/web optional otrs2_5.0.24-1_all.deb
 1b6ee4b562479ba915093d82c5457855 7481 non-free/web optional otrs2_5.0.24-1_amd64.buildinfo
 12b442cc9b8fb2d09c3b6dd4f2b94b26 223008 non-free/web optional otrs_5.0.24-1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAloVmdcACgkQEtmwSpDL
2ORpvxAAp82wEfgKl1tT+Md6ONQS6UXNH6bo2Y1PorOwzdADwAAz9VZjWNfhQMt4
EsLQJiyyW0hayi78hz410jcWSY0Xn/R5/WipjD7/zZPCZI1nfiJwzNQetiIC8G6s
GRcHi88gDc0wratChX/5hygNdY5B/J+dIcWRar2g8qEW9HayVTJBHMxMB8H9j9H9
LT+1qqWdfHsJVkSaqzKgstdZa4NLIzp6hQkenyPLWhxxX62yeqnFUCxKMPa/NOs5
M3YfUhRXGEtqfr7QrzQN9z0ulUH6wnDCg9mFSsuUfD7AuBOHmh1+jQ0zn6Aex6HY
q26zd8z/6Ipoz84nhY4OwbE4UZPYySpKnWI7AXNNsbVBvdQfZOj2d6UKovUKgqcB
OpFJZlxAOHGcGMHFAXmHjVkrFI4/SMUn7+qfDMinqVASYjf0iXs2OIIIlhdgGQeQ
+3qSm8+4CIEUyAG9APe4W8Oa4cOSTrUwwXau7jz0buL8ZDSY/5/Rp32snkCdx1Xe
LWtuMyUqPEZb5hUbUIxwVv5bvZJCVnjzKij4qn7CaXXTgwdgE6vKF/WoelKOgO3s
73rMzyqv0yWhi3DmLZa4t8XoaDRwEs/k2DqKHpTe5DVd64b2126HG/nSCzcZe8KR
Ah4qq7BPKJnHqiP972XO7WIHobC6KdpPz4PVn45pvUq2WV8c3GM=
=QVpH
-----END PGP SIGNATURE-----
Reply to: