Hi Patrick, On Wed, Jun 07, 2017 at 09:01:17AM +0200, Patrick Matthäi wrote: > Am 06.06.2017 um 22:37 schrieb Moritz Muehlenhoff: > > Package: otrs > > Severity: grave > > Tags: security > > > > Hi, > > details are sparse on this one, could you get in touch with upstream to > > isolate this to the change in question? > > https://www.otrs.com/security-advisory-2017-03-security-update-otrs-versions/ > > > > Cheers, > > Moritz > > I will try. On which way should I fix Stretch? stretch-security updates > or direct upload to Stretch?
otrs2 in stretch is not covered/supported by security, since non-free. That will need to go in a future stretch point release (unless we want to make an exception here). Regards, Salvatore