From ${URL} : An attacker could trick an authenticated agent or customer into opening a malicious attachment which could lead to the execution of JavaScript in OTRS context. Fixed in: OTRS 3.3.16 4.0.19 5.0.14 @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
otrs-5.0.14.ebuild running OK here. Same ebuild as the releases before. see bug https://bugs.gentoo.org/show_bug.cgi?id=563580 for reference
@ Stefan: Please submit a PR so we can review/proceed.
please advise where and how to submit the PR. You want to pull the ebuild from my repo?
Stefan, please see https://wiki.gentoo.org/wiki/Gentoo_Github for details. You basically create a PR against the repository at https://github.com/gentoo/gentoo.
https://github.com/gentoo/gentoo/pull/3412
Package was updated, no stabilization needed because package was never stable. Repository is clean. All done.
