Package: otrs Severity: grave Tags: security Justification: user security hole
OTRS is vulnerable to several SQL injection and Cross-Site-Scripting vulnerabilities. Please see here for more information: http://otrs.org/advisory/OSA-2005-01-en/ http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt The new upstream version 1.3.3 fixes all these problems. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-2-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]