Accepted otrs2 6.0.13-1 (source all) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 09 Nov 2018 10:22:44 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 6.0.13-1
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 6)
otrs2 - Open Ticket Request System
Closes: 909160
Changes:
otrs2 (6.0.13-1) unstable; urgency=high
.
* New upstream release.
- Fixes OSA-2018-07: An attacker who is logged into OTRS as a user may
manipulate the submission form to cause deletion of arbitrary files that
the OTRS web server user has write access to.
- Fixes OSA-2018-08: An attacker who is logged into OTRS as an admin user
may manipulate the URL to cause execution of JavaScript in the context of
OTRS.
- Fixes OSA-2018-09: An attacker who is logged into OTRS as an admin user
may manipulate the URL to cause execution of JavaScript in the context of
OTRS.
* Correct instructions to use the package manager.
Closes: #909160
* Merge 6.0.12-1~bpo9+1 and 5.0.16-1+deb9u6 changelog.
Checksums-Sha1:
05b2693a0f183170ae439526d22eefc09af41626 1811 otrs2_6.0.13-1.dsc
9dea329b53b0b7f9bfa2a014c974ac55d37a9b2e 24898464 otrs2_6.0.13.orig.tar.bz2
f667a01e06e28b0355c112906b8a08b8fc0695c7 29436 otrs2_6.0.13-1.debian.tar.xz
6e6afc2a9d3a94295e3f1889be83dc1c94a3741f 9628736 otrs2_6.0.13-1_all.deb
a6a1614e4d021a66c2fc3f149bde3a26c18958bc 6374 otrs2_6.0.13-1_amd64.buildinfo
2d81da1bc112591a0a86a4ce9749201862c4de68 246324 otrs_6.0.13-1_all.deb
Checksums-Sha256:
d995f5ce4dca21f190c0ee0f8cd7625b171a43d4984dd6c40ef5192a28456ceb 1811 otrs2_6.0.13-1.dsc
50853fa935f2deb9f0e6f471517c06932791c891cfaff1674241b7be3399661e 24898464 otrs2_6.0.13.orig.tar.bz2
b96104721f24505340ddec83bdf34cbb8e72077b2161679449e0d8087c1843d5 29436 otrs2_6.0.13-1.debian.tar.xz
ff1a32e7c369d63fe96cfd4c9b4552be32d5bb903c9dfc1f66e22d9cd3b32183 9628736 otrs2_6.0.13-1_all.deb
4f342351f2b2b1e2a9e85ef2e5a50c2e4b198e91c57bb463345196bc8360cfa6 6374 otrs2_6.0.13-1_amd64.buildinfo
cfd9a2ee91b6dafe016c9475f6198ecf6b8fca30886ccad95f536d4ef36ddbe1 246324 otrs_6.0.13-1_all.deb
Files:
9dc265ebf1770a5ba8c9dd9b833b507a 1811 non-free/web optional otrs2_6.0.13-1.dsc
e505eaa5602dc3cc3536ae359bd21f4f 24898464 non-free/web optional otrs2_6.0.13.orig.tar.bz2
ac1e01149627a4d4e15bc3c94e8c28c8 29436 non-free/web optional otrs2_6.0.13-1.debian.tar.xz
31c17ace2b338bfe12f5685cfdc78f68 9628736 non-free/web optional otrs2_6.0.13-1_all.deb
800eb5456d50b65c2f0ec38c519e1d23 6374 non-free/web optional otrs2_6.0.13-1_amd64.buildinfo
7f7da8069f42a6f0279b4c4e8698e0aa 246324 non-free/web optional otrs_6.0.13-1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAlvlU30ACgkQEtmwSpDL
2OSqmxAAg50nVEUHoqkSmCtY/MsHMH3WvVJtz+yj5oH9AXcfuSu9CpP1wL8J5DWb
yyKOz4BV986txd4YH7hMHokoryTZ6BDjtubZ1W/8tzyQAtxN8JWqg2FMGYoTFFKi
8jIG0lpS+20B4xEPT5KV0rCihl5A1EUSfNJcPfB0o8e16uuHidSBYoSn+s/VZFbf
rHyG02wh5scE96cX7pldWRYsb9ssaUgEknRxFBie2pC2dULOuP6S+LsIWTbCmW6i
9hUPrmrAkXp7IJK/jCieT3/pQ44xGEzDeh3zBtVhOF6JdiA+IIvhLjCcyzD9rrv3
lhzaWIhwJzKvCb6N4sXvQ3961pVsshPKxixqyWfTl1gaHMeH2oa65Q5acKeRN+AW
217psiPmTsZ56ZhDFPQ1VpnO0SK+UbAPM4aBy8NsX2QY1eNICJl8OeGELqOusbtd
PYBwU4FHNR7kLIUDhdhzoUaOIw6mtfK60FmWSrNpEOQCWa0e+i2oGqN2ePC+0Fln
2aTU6rF+ngaBOReqFW7Hhwb7bicSAgntHtVhGov6bDs4FBOwYS9mK45VZJEoJ4XM
KqEkGozklciH5tSr2nZ7a2rXysbm8cUErBazG3f0VVknuUGnccZtKCALkI0rsAhB
R1doABfgCU3IPjuSXFUPirR4ezSQmqQ50OI/isaHGZ3bsmqgmLA=
=S25A
-----END PGP SIGNATURE-----
Reply to: