Uff, that is pretty much :/ -------- Weitergeleitete Nachricht --------
Hello Patrick, all related commits for OTRS 5 fix regarding this vulnerability are listed below:
Let us know if you have any further questions. 28/09/2017 09:31 (+1) - Patrick Matthäi wrote: Hello Martin and everyone else,
could you help here? Is this the correct commit for CVE-2017-14635? -------- Weitergeleitete Nachricht -------- On Fri, 22 Sep 2017 16:31:00 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote: [...] > Unfortunately the patches are not referenced, so must be researched in > the repository. I had a look at this issue. I have found https://github.com/OTRS/otrs/commit/a4093dc404fcbd87b235b31c72913141672f2a8[..] which was introduced in version 5.0.23 that fixed the vulnerability. It is the only commit that mentions the keywords agent and statistics but I'm not sure if the commit is sufficient. I suggest to contact upstream about this and ask for a clarification. Regards, Markus Regards, Dusan Vuckovic -- OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany E: sales@otrs.com I: http://www.otrs.com/ Business location: Oberursel, Country
Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 More information: Solutions | Success Stories | Training
|