-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4317-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 14, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : otrs2
CVE ID         : CVE-2018-14593 CVE-2018-16586 CVE-2018-16587

Three vulnerabilities were discovered in the Open Ticket Request System
which could result in privilege escalation or denial of service.

For the stable distribution (stretch), these problems have been fixed in
version 5.0.16-1+deb9u6.

We recommend that you upgrade your otrs2 packages.

For the detailed security status of otrs2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/otrs2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvDkgcACgkQEMKTtsN8
TjZs5A//dXFN6t7WfrxsrcnU6gNm1EkDDz1a7mSuH4EaX6lEAn9U41gbMkrrMnEK
aFnwJOz8Nzo36EEClbGkjCYLn6/qjBPRtwjbVJtWMyFS0f5HUI2dorjE7elt+WRe
Zbjt6LNZ+f4ZrZTHdEm5D5ZDlw0YJ19c7bcY+GlICE5aNtx1no8ErzSpM1syCJBT
Mo2piXlQ/ll6H9OR4iW+65alvwfXxP56uNmnFdx3h0fBw6fAa/cd34fJqnybuTQ2
PT5Rlw98P7rNJ0khalSwJKEROYkaT6TJO/ibfj/B5GE4QUbDucnOvk7wT83egSXI
OMJp/jB75VOoOe09Ci2q1Z/7vKjSRN8rUDFNkA/5x9B/MeVIfjdru7OLbDs15atS
F6j4CfnQoChi6JrwlnsQFwdj2htBfeUkk5TXJ3/xK8/Tb9Nb2V725Emy1OGtOY3E
/S+5m6JRLNuHZMwY2RFGmWL0dQ+tjeaoRgsvW2RgGNP+b8+4DXwNGfMPzGf7brW2
Ke4+VQoSkYa6B55Vhi0phnJqHOOVtD87percjDYDh/GsuMqsZDfA2ol0TkoJkvJI
I5gT4ZGoKj9aNY28mN1M3iY9oO1bDqo+3BkXQFzI5nIg/09mykrhx3e5Cv/6hyAU
9qmLI0P8qb//Jxpn84lX+l/6KAnJH+nHY9anRV75Qlcn7EKXDYA=
=XvsO
-----END PGP SIGNATURE-----