Dear Community Members, ++++++++++ OTRS Security Advisory 2010-01 OTRS 2.3.6 ++++++++++
Release: OTRS 2.3.6 Status: stable Code Name: Bora Bora SECURITY FIXES: =============== --------------------------------------------------------------- OTRS Security Advisory 2010-02 <[email protected]> --------------------------------------------------------------- ID: OSA-2010-02 Date: 2010-09-15 Title: Multiple XSS and denial of service vulnerabilities Severity: Less critical Product: OTRS 2.4.x, OTRS 2.3.x Fixed in: OTRS 2.4.8, OTRS 2.3.6 URL: http://otrs.org/advisory/OSA-2010-02-en/ CVE: CVE-2010-2080 --------------------------------------------------------------- To read the entire Security Advisory please follow this link: ENGLISH VERSION: http://otrs.org/advisory/OSA-2010-02-en/ GERMAN VERSION: http://otrs.org/advisory/OSA-2010-02-de/ BUG FIXES: ========== * Bug# 3426 - Aborted while processing mails with invalid charsets messes up POP3 mailbox handling. [ http://bugs.otrs.org/show_bug.cgi?id=3426 ] MD5 CHECKSUMS: ============== 5c630f840b7658873598ad9168941c59 http://ftp.otrs.org/pub/otrs/RPMS/suse/7.3/otrs-2.3.6-01.i386.rpm c2bf7e88317dcb34cacd4ddd0ab19e42 http://ftp.otrs.org/pub/otrs/RPMS/suse/8.x/otrs-2.3.6-01.i386.rpm 7fee4eee1513da5a7cb3e641dbe24621 http://ftp.otrs.org/pub/otrs/RPMS/suse/9.0/otrs-2.3.6-01.i386.rpm 7f4eca4fe3de6266c5d41b27254c73c2 http://ftp.otrs.org/pub/otrs/RPMS/suse/9.1/otrs-2.3.6-01.i386.rpm e30dc86b0b0a07f1e78b2c159fea5edb http://ftp.otrs.org/pub/otrs/RPMS/suse/10.0/otrs-2.3.6-01.i386.rpm 221e4eec5e61d159c653e8040adf44f3 http://ftp.otrs.org/pub/otrs/RPMS/redhat/7.x/otrs-2.3.6-01.i386.rpm a976d0acee48cca42ebe25fb43eaa1a2 http://ftp.otrs.org/pub/otrs/RPMS/redhat/8.0/otrs-2.3.6-01.i386.rpm d945f43ac1172849597bbc237c6930e4 http://ftp.otrs.org/pub/otrs/RPMS/fedora/4/otrs-2.3.6-01.i386.rpm 9ecc3d5c44cd8bf4344f92cd3d3e1948 http://ftp.otrs.org/pub/otrs/otrs-2.3.6.tar.gz beacd9f9802bbf63ff3b709791fd8e27 http://ftp.otrs.org/pub/otrs/otrs-2.3.6.tar.bz2 aef779f85d1b94afb5a3f58b62099951 http://ftp.otrs.org/pub/otrs/otrs-2.3.6.zip 71c4854a701a79b4cd71de6e4c4f0545 http://ftp.otrs.org/pub/otrs/otrs-2.3.6-win-installer-2.3.1.exe SOFTWARE DOWNLOAD: =================== Please note that we have relaunched our website www.otrs.com. The software can now be downloaded exclusively * http://otrs.org/download/ * http://otrs.org/download/#otrs3 * ftp://ftp.otrs.org/pub/otrs/ (Germany/Hamburg) A complete list of all download mirrors (ftp/http/rsync) is available at http://otrs.org/download/ YOUR CONTRIBUTION: =================== * Please send information regarding vulnerabilities in OTRS to [email protected]. * We kindly ask for your assistance to update the translation files! The current status can be found here: http://users.otrs.com/~me/i18n/ FEEDBACK & BUG REPORTING: ========================= Although OTRS 2.3.6 has been tested before, we appreciate your contributions. As always, you’re encouraged to tell us what you think, using this feedback e-Mail: [enjoy at otrs.com] or by filing a bug in Bugzilla [http://bugs.otrs.org]. -- Hauke Jan Böttcher Director Marketing OTRS AG Norsk-Data-Straße 1 61352 Bad Homburg Germany T: +49 (0) 6172 681988 0 F: +49 (0) 9421 56818 18 I: http://www.otrs.com/ Business Location: Bad Homburg Country Court: Bad Homburg, HRB 10751 VAT ID: DE256610065 Chairman: Burchard Steinbild Managing Board: André Mindermann (CEO) --------------------------------------------------------------------- OTRS mailing list: announce - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/announce To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/announce
--------------------------------------------------------------------- OTRS mailing list: announce - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/announce To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/announce
