Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-backports-changes@lists.debian.org>
Subject: Accepted otrs2 6.0.32-5~bpo10+1 (source) into buster-backports->backports-policy, buster-backports
Date: Thu, 01 Jul 2021 09:32:58 +0000
Signed by: Patrick Matthäi <pmatthaei@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 23 Jun 2021 13:43:44 +0200
Source: otrs2
Architecture: source
Version: 6.0.32-5~bpo10+1
Distribution: buster-backports
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Patrick Matthäi <pmatthaei@debian.org>
Closes: 980891 985751 989992
Changes:
 otrs2 (6.0.32-5~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 otrs2 (6.0.32-5) unstable; urgency=high
 .
   * Add upstream patch 14-ZSA-2021-03: There is a denial of service issue, when
     a mail with a special crafted url is received. This can lead to a maxout of
     the available server-CPU(s) and can reduce the quality of service or even
     bring the system to a halt. This addresses CVE-2021-21439.
     Closes: #989992
   * Add upstream patch 15-ZSA-2021-06: There is a XSS vulnerability in the
     ticket overviews, which can used to extract all kind of information just
     by having a e-mail shown in an overview. An attacker can send a prepared
     e-mail to the system to trigger the attack. This addresses CVE-2021-21441.
     Closes: #989992
 .
 otrs2 (6.0.32-4) unstable; urgency=high
 .
   * Add upstream patch to update jquery-validate from version 1.16.0 to 1.19.3.
     This fixes CVE-2021-21252.
     Closes: #980891
 .
 otrs2 (6.0.32-3) unstable; urgency=medium
 .
   * debian/watch: Adjust github URL.
   * Adjust symlinks to the dejavu fonts and remove obsolete ARCHIVE symlink.
     Closes: #985751
 .
 otrs2 (6.0.32-2) unstable; urgency=medium
 .
   * Uploading to unstable.
Checksums-Sha1:
 67804c7fdc03e1196132304b69e9a10ffd6a7814 1856 otrs2_6.0.32-5~bpo10+1.dsc
 d56d7f4d542776fe673747f84689742da31ebe52 43068144 otrs2_6.0.32.orig.tar.gz
 0be97148e9f560c36a635912aa77d6abd528c432 39016 otrs2_6.0.32-5~bpo10+1.debian.tar.xz
 698962613d287dba99c0d0491f6448ecdb6d35eb 6099 otrs2_6.0.32-5~bpo10+1_source.buildinfo
Checksums-Sha256:
 2144f927a9d5b65c8af430d7d8eb9edd64cdac78f7e2d742f8280422db22b57a 1856 otrs2_6.0.32-5~bpo10+1.dsc
 c0db57d08038fa0f74000eb18c6995fbb4a74c4e0c97fc2f349f1bbb4c4b61da 43068144 otrs2_6.0.32.orig.tar.gz
 807e8ef819867965f5400d2d841c0de452bce1941bd3b3ab29a3b8b512e12cad 39016 otrs2_6.0.32-5~bpo10+1.debian.tar.xz
 592baaf0fc28745fa6fbaaa157232b554b9d7afe506b850d8e39633ab578657e 6099 otrs2_6.0.32-5~bpo10+1_source.buildinfo
Files:
 270e0e71a951ddc1868cfee20b160f14 1856 non-free/web optional otrs2_6.0.32-5~bpo10+1.dsc
 68c8bb26bef63d59e3aa1291b8d54543 43068144 non-free/web optional otrs2_6.0.32.orig.tar.gz
 5ee2da7b977b6eca4850ea67f053af42 39016 non-free/web optional otrs2_6.0.32-5~bpo10+1.debian.tar.xz
 888830c346f1d87683815d876a757482 6099 non-free/web optional otrs2_6.0.32-5~bpo10+1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAmDTHqIACgkQEtmwSpDL
2OSjNw/+OG6/8Ga/O0KDerfdmw+YuwcexSIopPYBul92XRlT/LdaSZDoP23FoGSA
Mk7IE3nm8ghT4qA+g6fdE3itsMkWfeCbts8pkT+epNiMeuRSPrtbSBqNBppvidql
o0bCdxxdBL7ahrhc3Kb8omu6u9v3Yzb5LYx+oEMEiDQFTDgtjVxCR0clU3PeDq3T
XfDRTaAyfxR8fraTUGaTo+FA1UDmxYGc6LYLwivrUHG+3/29bI0GYBWQBmjNQTy4
G3+Pi24KpTO1B45Xqdk9ZPh/UAYERQhYQsNKRZB+JWngofHukzHfR3++Io1t1YOn
KQ+sr+GUqdLmttPTQIYPwYA5QuIz4O/S4kdS3nnSRzd2POTRjgYxry8+UKFHp4hD
BkmZd/740QNWeNRDTtsUGJ1CKTLlxCS+Wr1kToLkyw7jbPjcfnPCNQciZCJReSBC
XzAFxZxgkMTMgMZd4nU5iMeM/exCZzunJDmd4Ny+hy4UnNugmCExBMns35G/Few5
RPmegOwAZt3Ktp4/sZItgVG7QPHeBzmJUkWu3g5VMoF594BxaCwQ3FAvlRRESvN2
AgnT031EjIE14gpYEQ6KFsGQeGNitLDeee56U1KTvplsvM26qxr6bjvZxJPFMt1v
krpl36OTJfB7t1NBpGm7btNOufQmcY7GG16U0qTmxlBbUCQOwnU=
=cxon
-----END PGP SIGNATURE-----
News for package otrs2
