Otrs2 Security Update for Debian 8 LTS
Posted on: 03/20/2019 07:35 AM

Updated otrs2 packages has been released for Debian GNU/Linux 8 LTS


Otrs2 Security Update for Debian 8 LTS


Package : otrs2
Version : 3.3.18-1+deb8u8
CVE ID : CVE-2019-9752


It has been discovered that OTRS (Open source Ticket Request System)
is susceptible to code injection vulnerability. An attacker who is
logged into OTRS as an agent or a customer user may upload a carefully
crafted resource in order to cause execution of JavaScript in the
context of OTRS. This is related to Content-type mishandling.

For Debian 8 "Jessie", this problem has been fixed in version
3.3.18-1+deb8u8.

We recommend that you upgrade your otrs2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Printed from Linux Compatible (https://www.linuxcompatible.org/news/story/otrs2_security_update_for_debian_8_lts.html)