/[advisories]/10352.adv
ViewVC logotype

Contents of /10352.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 127 - (show annotations) (download)
Mon Jul 1 19:16:15 2013 UTC (3 years, 9 months ago) by boklm
File size: 774 byte(s)
MGASA-2013-0196
1 type: security
2 subject: Updated otrs package fixes security vulnerabilities
3 CVE:
4 - CVE-2013-3551
5 - CVE-2013-4088
6 src:
7 2:
8 core:
9 - otrs-3.2.8-1.mga2
10 3:
11 core:
12 - otrs-3.2.8-1.mga3
13 description: |
14 An attacker with a valid agent login could manipulate URLs in the ticket
15 watch mechanism to see contents of tickets they are not permitted to see
16 (CVE-2013-3551, CVE-2013-4088).
17 references:
18 - https://bugs.mageia.org/show_bug.cgi?id=10352
19 - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-03/
20 - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-04/
21 - http://www.debian.org/security/2013/dsa-2696
22 - http://www.debian.org/security/2013/dsa-2712
23 ID: MGASA-2013-0196

  ViewVC Help
Powered by ViewVC 1.1.26