Debian Package Tracker

From: Abhijith PA <abhijith@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted otrs2 3.3.18-1+deb8u11 (source all) into oldoldstable
Date: Wed, 14 Aug 2019 06:20:16 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 25 Jul 2019 14:17:48 +0530
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 3.3.18-1+deb8u11
Distribution: jessie-security
Urgency: medium
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
 otrs       - Open Ticket Request System (OTRS 3)
 otrs2      - Open Ticket Request System
Changes:
 otrs2 (3.3.18-1+deb8u11) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Fix CVE-2018-11563: execute arbitrary stylesheet or JavaScript code
     in a logged in customer's browser
   * Fix CVE-2019-13458: authenticated users can leverage tags in
     templates in order to disclose hashed user passwords.
   * CVE-2019-12746: Fix unknowingly disclose their session ID by sharing the link of
     an embedded ticket article with third parties
   * Complete fix to CVE-2019-12248 prepared by Markus Koschany
Checksums-Sha1:
 d59198a1f04a6cba204d14db26bbbb3247ec3329 1853 otrs2_3.3.18-1+deb8u11.dsc
 7f45cf5336e9ce5d507a935241f042bdfdf85845 21067692 otrs2_3.3.18.orig.tar.bz2
 2a9acf1057dd6c3b4d6361804b90f624fb1cb588 53380 otrs2_3.3.18-1+deb8u11.debian.tar.xz
 4ad8847ace91ed769f6a7746267d75043b889eef 5637366 otrs2_3.3.18-1+deb8u11_all.deb
 5808dc692aef0d13a8ae063105cc40593fd3924b 190092 otrs_3.3.18-1+deb8u11_all.deb
Checksums-Sha256:
 e17e8132c140d879f229fd868300c0117848a3483512e1dc88b4c37260f1b090 1853 otrs2_3.3.18-1+deb8u11.dsc
 9d6e4e44316c6812f35618be50d8951a0c2e0d917752610fada936c466bea453 21067692 otrs2_3.3.18.orig.tar.bz2
 363b3059fac454cf1e5ebfbc94f638336a2c7799037651b9e6bb499865272ae6 53380 otrs2_3.3.18-1+deb8u11.debian.tar.xz
 f91e8f69a4a7dc6fab40e43f9183c0f401f8517ed4c1499d4e3d745c05b70a9d 5637366 otrs2_3.3.18-1+deb8u11_all.deb
 2afd7ec3bdfa90613fd0eb03cb0d3d8ee946ff51f1b27d9873e6c4f764988b38 190092 otrs_3.3.18-1+deb8u11_all.deb
Files:
 1d06a8b6b9cd4f165d5580c0782abc5d 1853 web optional otrs2_3.3.18-1+deb8u11.dsc
 b3375dfa09a2ec3c4cebc7ad74d55e0b 21067692 web optional otrs2_3.3.18.orig.tar.bz2
 4960ca4c496b66a24796d7191bd08e51 53380 web optional otrs2_3.3.18-1+deb8u11.debian.tar.xz
 6ea58e718ce9512178fa5df41d5a8b1d 5637366 web optional otrs2_3.3.18-1+deb8u11_all.deb
 8f75ca888b8a1d1cfa5a0bd97cec352b 190092 web optional otrs_3.3.18-1+deb8u11_all.deb

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAl1To08UHGFiaGlqaXRo
QGRlYmlhbi5vcmcACgkQhj1N8u2cKO9pqg/9ET16S4F32T30JFCNNHPXYKY4CXaJ
oevk/VmOIsWEnXSVsZVUD2ghrKin0GdDMjzF0Pmqyrn8rbXGqVx3nfu88mW9m/59
JslVrwB9JggfX9ZDlV+DhqDAutnfFhl3Avr6JtcuLI9q4viIgQS5ymJhvnIxspWP
MBH6K2PFW2yDDOA7kyh3FcZuhF00is8WVAvEimpKGI3jMhkBY6jIRfw637CwEc+o
CbICo3zuRIjJtXpi7IWanpseGRhgnwwQuwffagcYq1NsUF7E9d1YWl/aixobJD/u
ccoBx/J6Ok5H39i0Dd+IDX13NIoAv894uAHDbUhZLnlCK67wG6rljMWMtHhtgpoy
V5Sa0uyOdmsLU93CT69eD2zbwLuXbxwmTg0l0IF8NXLjA4Vr8aeTC6sZTvPM69cX
V2mvQ3tO9WpsUrjRyvLII/ZJ4CUA59gFR+mlgl0XN4jsFgIf7wt0LRBvqZ3O5mmL
fAw2FNJkYPTN6236H2oCeoNgG/6PCIo0dW5OAenO3zfiGiM8jCKs3sQNGTbr8w5x
Xs/Q/jNYoIT1EhZ1I3b+RFiX9ZUxc10C4Seq8IKSXPlmuj+5H66s31yz7UCV/8dO
9QvAipznFXqn+IFJpRdfB/Xf7M7ZuqtRwC7Ht9Tjo54eXo7fN6/5DvexolijZVT9
ypx1tXPGolf05f0=
=u/w0
-----END PGP SIGNATURE-----
News for package otrs2
