113447 – www-apps/otrs SQL injection and other issues

Bug 113447 - www-apps/otrs SQL injection and other issues

Summary: www-apps/otrs SQL injection and other issues

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Gentoo Security

URL:	http://otrs.org/advisory/OSA-2005-01-en/
Whiteboard:	~? [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2005-11-24 03:40 UTC by Aurélien Requiem
Modified:	2005-11-27 12:00 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aurélien Requiem 2005-11-24 03:40:59 UTC

Hello

Please could you update portage to enable otrs version 2.0.4. It has been
released in the last 24 hours.

It fixes may problems, especially on utf-8.

Thank you.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Aurélien Requiem 2005-11-24 03:51:28 UTC

OTRS team announced it is an important security fix ! So, it's urgent to upgrade
and notify GLSA (maybe).

Thank you.

Comment 2 Carsten Lohrke (RETIRED) gentoo-dev

2005-11-24 15:02:18 UTC

sql & script code injection

http://otrs.org/advisory/OSA-2005-01-en/

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-11-24 22:32:02 UTC

web-apps please bump.

Comment 4 Renat Lumpau (RETIRED) gentoo-dev

2005-11-27 11:16:09 UTC

In CVS.

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-11-27 12:00:21 UTC

Closing without GLSA.