Parent Directory
| 
Revision Log
MGASA-2013-0196
| 1 | type: security |
| 2 | subject: Updated otrs package fixes security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2013-3551 |
| 5 | - CVE-2013-4088 |
| 6 | src: |
| 7 | 2: |
| 8 | core: |
| 9 | - otrs-3.2.8-1.mga2 |
| 10 | 3: |
| 11 | core: |
| 12 | - otrs-3.2.8-1.mga3 |
| 13 | description: | |
| 14 | An attacker with a valid agent login could manipulate URLs in the ticket |
| 15 | watch mechanism to see contents of tickets they are not permitted to see |
| 16 | (CVE-2013-3551, CVE-2013-4088). |
| 17 | references: |
| 18 | - https://bugs.mageia.org/show_bug.cgi?id=10352 |
| 19 | - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-03/ |
| 20 | - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-04/ |
| 21 | - http://www.debian.org/security/2013/dsa-2696 |
| 22 | - http://www.debian.org/security/2013/dsa-2712 |
| 23 | ID: MGASA-2013-0196 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |