-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 21 Sep 2018 16:21:29 +0200 Source: otrs2 Binary: otrs2 otrs Architecture: source all Version: 6.0.11-1 Distribution: unstable Urgency: high Maintainer: Patrick Matthäi <pmatthaei@debian.org> Changed-By: Patrick Matthäi <pmatthaei@debian.org> Description: otrs - Open Ticket Request System (OTRS 6) otrs2 - Open Ticket Request System Closes: 909160 Changes: otrs2 (6.0.11-1) unstable; urgency=high . * New upstream release. - Fixes CVE-2018-16586, also known as OSA-2018-04: An attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to. * Bump Standards-Version to 4.2.1. * Correct outdated SetPermissions example in README.Debian. Closes: #909160 Checksums-Sha1: 3efb3d30749c6ec8bc17cdb4fee30b9434b81e63 1796 otrs2_6.0.11-1.dsc 2f084df2964855c7acfd0f334bf23f0150917964 24514117 otrs2_6.0.11.orig.tar.bz2 05a5af2358c3d51c1d72ebb162a4c2aa5d64b01a 28904 otrs2_6.0.11-1.debian.tar.xz e5e17cdfe5af004fadc4e65d3ec0d09af131dc1a 9551172 otrs2_6.0.11-1_all.deb 0855cb4b57228d076e614341385c4f4f5b2eba8a 6418 otrs2_6.0.11-1_amd64.buildinfo 591c36da72b19b5e1317710f189bf1c7441f982a 245168 otrs_6.0.11-1_all.deb Checksums-Sha256: 2c417048b1169ec9065dd530d36b6f8f0385fbea5bb200759d606a55ff1d33d8 1796 otrs2_6.0.11-1.dsc 459a4ad1c91ff58cd967799a6f5a2dd966514ba333e38cbe4ea688a43ab567de 24514117 otrs2_6.0.11.orig.tar.bz2 279e41b826791fea1c6eb191e380040679554d3700c8565497bf70865eb684d9 28904 otrs2_6.0.11-1.debian.tar.xz 81bedbc865a8cd5a468c8670fd08fe3f719af6feb2a4d92ba6586fabc2016220 9551172 otrs2_6.0.11-1_all.deb f37a14307ec64f064d0a4de6f22e47da1caf3bf90c16511f62f6fc50b4d56c2f 6418 otrs2_6.0.11-1_amd64.buildinfo cb3477e1dc1e08a0f742c4a1796407279de07c989440f894d5d7701eb48c049a 245168 otrs_6.0.11-1_all.deb Files: a98aea2df00a1414cec774b45bd5c51d 1796 non-free/web optional otrs2_6.0.11-1.dsc db1ec748e1eee3284244a68497b3bbf5 24514117 non-free/web optional otrs2_6.0.11.orig.tar.bz2 c33d9a2588dd9938df8b35c71c5f183c 28904 non-free/web optional otrs2_6.0.11-1.debian.tar.xz 83f09a0fe2ddf662668a08ca0c3bfdba 9551172 non-free/web optional otrs2_6.0.11-1_all.deb 86f4fc98a7b3da25705287f63dac2cd6 6418 non-free/web optional otrs2_6.0.11-1_amd64.buildinfo 8ea9818cc4bc138cad8eebefcbabc960 245168 non-free/web optional otrs_6.0.11-1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAluk//QACgkQEtmwSpDL 2OTR/Q/+PqzouJj/nPRLfwwXr6CIdGP16bRmjMFAiqRaFJ8+O/OA7aeREhZuQrY+ 6JIrFhgWxcLB6zYYVrKMJIcqySIubtMYaGD74FfUiIwF8qmFXAXW3rIwb1+HS7Rp uqCJakZjGlk9cnnrj3U9WzNyACdhYkpDzDlLYEF98NA1y9neEyS9koB0NO1RRois pUARCAXSWtQT9bs+XYgTw7urNLUbDpGIEAxE7aioqBBC0770a63dbFDiYZ2u5Cpz m3owLXGqWKaXokO3fOUjlmrTlotbKv/+ER/4OTDb9uxeNKqrwhkAKs2tzej3o6vL KzPdMVaFfNJqgOH+yDMoETpgBxAgFu2lI6kIHJMO72EQkmnwjGd0qz5lqzzyFA8S 52ftabylDHfmPhZPTqe6qhgDn8lVq1xfhKfvLBf476g2t2E5/rPlIuaKVF0g+WmJ 3vq5bo3eKBC84oSOl7Flbsj9m921MrEWVu7i7/psAxIjA9zk5JFdcBagv/c+19bV ZpJSQtDidREhvjmu8W8rFDoty8v3+tNLyPAn928r/dT6f5AIol/e4HVyv9o8YKlV zj3fPzL0qK27m+hkq5QCdeOjRPECX88VvQ3HYXdY7FqLAh1OFj1ynG5Lwh6j07/i Y1lYuCxYOD2talB7M3pVft3LTYneJcaaZ2HHXqnKVJrtMIKn5mw= =H2mY -----END PGP SIGNATURE-----