Format: 1.8
Date: Fri, 18 Jun 2021 15:10:23 +0200
Source: otrs2
Architecture: source
Version: 6.0.32-5
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Closes: 989992
Changes:
 otrs2 (6.0.32-5) unstable; urgency=high
 .
   * Add upstream patch 14-ZSA-2021-03:
     There is a denial of service issue, when a mail with a specially crafted
     URL is received. This can lead to a maxout of the available server-CPU(s)
     and can reduce the quality of service or even bring the system to a halt.
     This addresses CVE-2021-21439.
     Closes: #989992
   * Add upstream patch 15-ZSA-2021-06:
     There is an XSS vulnerability in the ticket overviews, which can be used
     to extract all kinds of information just by having an e-mail shown in an
     overview. An attacker can send a prepared e-mail to the system to trigger
     the attack.
     This addresses CVE-2021-21441.
     Closes: #989992