Bas, as mentioned in comment #1, otrs2 is community maintained and not officially supported so an update will not be made by the security team. If you are able, I suggest posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.
** Also affects: otrs2 (Ubuntu Lucid) Importance: Undecided Status: New ** Changed in: otrs2 (Ubuntu) Status: In Progress => Fix Released ** Changed in: otrs2 (Ubuntu Lucid) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/675324 Title: Multiple XSS and denial of service vulnerabilitie To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/otrs2/+bug/675324/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs