Accepted otrs2 3.3.18-1+deb8u11 (source all) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 25 Jul 2019 14:17:48 +0530
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 3.3.18-1+deb8u11
Distribution: jessie-security
Urgency: medium
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
otrs - Open Ticket Request System (OTRS 3)
otrs2 - Open Ticket Request System
Changes:
otrs2 (3.3.18-1+deb8u11) jessie-security; urgency=medium
.
* Non-maintainer upload by the Debian LTS Team.
* Fix CVE-2018-11563: execute arbitrary stylesheet or JavaScript code
in a logged in customer's browser
* Fix CVE-2019-13458: authenticated users can leverage tags in
templates in order to disclose hashed user passwords.
* CVE-2019-12746: Fix unknowingly disclose their session ID by sharing the link of
an embedded ticket article with third parties
* Complete fix to CVE-2019-12248 prepared by Markus Koschany
Checksums-Sha1:
d59198a1f04a6cba204d14db26bbbb3247ec3329 1853 otrs2_3.3.18-1+deb8u11.dsc
7f45cf5336e9ce5d507a935241f042bdfdf85845 21067692 otrs2_3.3.18.orig.tar.bz2
2a9acf1057dd6c3b4d6361804b90f624fb1cb588 53380 otrs2_3.3.18-1+deb8u11.debian.tar.xz
4ad8847ace91ed769f6a7746267d75043b889eef 5637366 otrs2_3.3.18-1+deb8u11_all.deb
5808dc692aef0d13a8ae063105cc40593fd3924b 190092 otrs_3.3.18-1+deb8u11_all.deb
Checksums-Sha256:
e17e8132c140d879f229fd868300c0117848a3483512e1dc88b4c37260f1b090 1853 otrs2_3.3.18-1+deb8u11.dsc
9d6e4e44316c6812f35618be50d8951a0c2e0d917752610fada936c466bea453 21067692 otrs2_3.3.18.orig.tar.bz2
363b3059fac454cf1e5ebfbc94f638336a2c7799037651b9e6bb499865272ae6 53380 otrs2_3.3.18-1+deb8u11.debian.tar.xz
f91e8f69a4a7dc6fab40e43f9183c0f401f8517ed4c1499d4e3d745c05b70a9d 5637366 otrs2_3.3.18-1+deb8u11_all.deb
2afd7ec3bdfa90613fd0eb03cb0d3d8ee946ff51f1b27d9873e6c4f764988b38 190092 otrs_3.3.18-1+deb8u11_all.deb
Files:
1d06a8b6b9cd4f165d5580c0782abc5d 1853 web optional otrs2_3.3.18-1+deb8u11.dsc
b3375dfa09a2ec3c4cebc7ad74d55e0b 21067692 web optional otrs2_3.3.18.orig.tar.bz2
4960ca4c496b66a24796d7191bd08e51 53380 web optional otrs2_3.3.18-1+deb8u11.debian.tar.xz
6ea58e718ce9512178fa5df41d5a8b1d 5637366 web optional otrs2_3.3.18-1+deb8u11_all.deb
8f75ca888b8a1d1cfa5a0bd97cec352b 190092 web optional otrs_3.3.18-1+deb8u11_all.deb
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAl1To08UHGFiaGlqaXRo
QGRlYmlhbi5vcmcACgkQhj1N8u2cKO9pqg/9ET16S4F32T30JFCNNHPXYKY4CXaJ
oevk/VmOIsWEnXSVsZVUD2ghrKin0GdDMjzF0Pmqyrn8rbXGqVx3nfu88mW9m/59
JslVrwB9JggfX9ZDlV+DhqDAutnfFhl3Avr6JtcuLI9q4viIgQS5ymJhvnIxspWP
MBH6K2PFW2yDDOA7kyh3FcZuhF00is8WVAvEimpKGI3jMhkBY6jIRfw637CwEc+o
CbICo3zuRIjJtXpi7IWanpseGRhgnwwQuwffagcYq1NsUF7E9d1YWl/aixobJD/u
ccoBx/J6Ok5H39i0Dd+IDX13NIoAv894uAHDbUhZLnlCK67wG6rljMWMtHhtgpoy
V5Sa0uyOdmsLU93CT69eD2zbwLuXbxwmTg0l0IF8NXLjA4Vr8aeTC6sZTvPM69cX
V2mvQ3tO9WpsUrjRyvLII/ZJ4CUA59gFR+mlgl0XN4jsFgIf7wt0LRBvqZ3O5mmL
fAw2FNJkYPTN6236H2oCeoNgG/6PCIo0dW5OAenO3zfiGiM8jCKs3sQNGTbr8w5x
Xs/Q/jNYoIT1EhZ1I3b+RFiX9ZUxc10C4Seq8IKSXPlmuj+5H66s31yz7UCV/8dO
9QvAipznFXqn+IFJpRdfB/Xf7M7ZuqtRwC7Ht9Tjo54eXo7fN6/5DvexolijZVT9
ypx1tXPGolf05f0=
=u/w0
-----END PGP SIGNATURE-----
Reply to: