[Git][security-tracker-team/security-tracker][master] data/{dla-needed.txt,CVE/list}: Triage open otrs2 issues for jessie.

Mike Gabriel sunweaver at debian.org
Fri Mar 15 14:15:22 GMT 2019 

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1ea745b by Mike Gabriel at 2019-03-15T14:15:00Z
data/{dla-needed.txt,CVE/list}: Triage open otrs2 issues for jessie.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -165,10 +165,12 @@ CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS) 5.x
 	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4e3dfbaa054762b29df54705aa412685dd37e15
 CVE-2019-9751 (An issue was discovered in Open Ticket Request System (OTRS) 6.x before ...)
 	- otrs2 6.0.17-1
+	[jessie] - otrs2 <not-affected> (Vulnerable code not present)
 	NOTE: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework
 	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/1afb2b995e59551b927c2105e234e8b87efcc37a
 CVE-2018-20800 (An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and ...)
 	- otrs2 6.0.14-1
+	[jessie] - otrs2 <not-affected> (Vulnerable code not present)
 	NOTE: https://community.otrs.com/security-advisory-2018-10-security-update-for-otrs-framework/
 	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/8d17d58029efbb0bba25c4208e09e2d320eeb0c3
 	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/7d3c56d5b9bb38207695dae174dbba89a132e7b9


=====================================
data/dla-needed.txt
=====================================
@@ -72,6 +72,9 @@ openssh (Mike Gabriel)
   NOTE: 20190228: CVE-2019-6111 seemingly not-yet-fixed, see https://bugs.debian.org/923486
   NOTE: 20190228: Package draft for jessie LTS locally, but the CVE-2019-6111 patch requires being fixed first before proceeding
 --
+otrs2
+  NOTE: 20190315: OTRS in jessie is probably affected by CVE-2019-9752.
+--
 php5 (Thorsten Alteholz)
 --
 polarssl



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1ea745b904034da37264d4d5e440637f5158df1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1ea745b904034da37264d4d5e440637f5158df1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190315/202b0948/attachment.html>

More information about the debian-security-tracker-commits mailing list