Bug#864175: marked as done (otrs2: broken symlink: /var/lib/otrs/httpd/htdocs/js/thirdparty/jquery-ui -> /usr/share/javascript/jquery-ui)

[Debian Bug Tracking System]

Your message dated Thu, 08 Jun 2017 09:04:57 +0000
with message-id <e1ditnb-0003bq...@fasolo.debian.org>
and subject line Bug#864175: fixed in otrs2 5.0.20-1
has caused the Debian Bug report #864175,
regarding otrs2: broken symlink: 
/var/lib/otrs/httpd/htdocs/js/thirdparty/jquery-ui -> 
/usr/share/javascript/jquery-ui
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864175: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864175
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: otrs2
Version: 5.0.19-1
Severity: important
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

10m39.4s ERROR: FAIL: Broken symlinks:
  /var/lib/otrs/run -> /run/otrs
  /var/lib/otrs/httpd/htdocs/js/thirdparty/jquery-ui -> 
/usr/share/javascript/jquery-ui
  /usr/share/otrs/Kernel/Config/GenericAgent.pm -> 
/etc/otrs/Kernel/Config/GenericAgent.pm

The first and third broken link are probably ok, but the second
looks like a missing dependency on libjs-jquery-ui.


cheers,

Andreas

otrs2_5.0.19-1.log.gz
Description: application/gzip

--- End Message ---

--- Begin Message ---

Source: otrs2
Source-Version: 5.0.20-1

We believe that the bug you reported is fixed in the latest version of
otrs2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Patrick Matthäi <pmatth...@debian.org> (supplier of updated otrs2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 08 Jun 2017 10:39:18 +0200
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 5.0.20-1
Distribution: unstable
Urgency: high
Maintainer: Patrick Matthäi <pmatth...@debian.org>
Changed-By: Patrick Matthäi <pmatth...@debian.org>
Description:
 otrs       - Open Ticket Request System (OTRS 5)
 otrs2      - Open Ticket Request System
Closes: 864175 864319
Changes:
 otrs2 (5.0.20-1) unstable; urgency=high
 .
   * New upstream release.
     - This fixes OSA-2017-03, also known as CVE-2017-9324: An attacker with
       agent permission is capable by opening a specific URL in a browser to
       gain administrative privileges / full access. Afterward, all system
       settings can be read and changed.
       Closes: #864319
   * Remove obsolete symlink for jquery-ui.
     Closes: #864175
   * Merge 3.3.9-3+deb8u1 and 5.0.16-1+deb9u1 changelog.
Checksums-Sha1:
 b5b8d4318d4a2db5425705a1c80f7aa7be05de74 1796 otrs2_5.0.20-1.dsc
 1efa21127c52bd373d561b10b614ea734c7e4299 20638821 otrs2_5.0.20.orig.tar.bz2
 9276ed165274dc1e87c2b65b538b84d4ea3e73db 45108 otrs2_5.0.20-1.debian.tar.xz
 f283cd863715cb853d3e292af2d2670287aeb60e 7395178 otrs2_5.0.20-1_all.deb
 2070558974856982941ed9567b311dbbe4198c2e 6590 otrs2_5.0.20-1_amd64.buildinfo
 977e595487168963683b28e89d2a492d1076e8d1 218786 otrs_5.0.20-1_all.deb
Checksums-Sha256:
 689df26f6fd53243df680d581bebc688bb6fbabb318f1520702a502162f11073 1796 
otrs2_5.0.20-1.dsc
 1dfebd86dc55c7e125593e0bb5307a74217f15e23469fead66e2a4f6e00e27e5 20638821 
otrs2_5.0.20.orig.tar.bz2
 13a7d5aa0ad90a81fdd50299d085ade3c86ffd4250dc9daa2704a5eb5892851e 45108 
otrs2_5.0.20-1.debian.tar.xz
 1d2f2bf8dfe2acba58700c3ba8800a4dcab7f907ffe30da406d50281a75b8039 7395178 
otrs2_5.0.20-1_all.deb
 60dcdced4e73e5c8e214dbb9c232814ac8a28463d635aa48bfe551cdca2c8a02 6590 
otrs2_5.0.20-1_amd64.buildinfo
 db0b7b3537648ef198a12402ed37eed51f81fef4dcd4533d3354a24f46a70211 218786 
otrs_5.0.20-1_all.deb
Files:
 21395469b6756c46e8c9e2d2f3a51884 1796 non-free/web optional otrs2_5.0.20-1.dsc
 8d576fb9bf5ae6a779acf360f932bf08 20638821 non-free/web optional 
otrs2_5.0.20.orig.tar.bz2
 e5c00fdea60a29a688aee207f6c2f4bb 45108 non-free/web optional 
otrs2_5.0.20-1.debian.tar.xz
 1d140e5ef9a182a7570355dc839195e8 7395178 non-free/web optional 
otrs2_5.0.20-1_all.deb
 841966c6680c5b6ab7eb5e641bacb8be 6590 non-free/web optional 
otrs2_5.0.20-1_amd64.buildinfo
 a764b9713e79d7543874a2ed17648fde 218786 non-free/web optional 
otrs_5.0.20-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJZOQ4sAAoJEBLZsEqQy9jkWC4QAKS11I8dzM9LpkbXCB2hx+a3
d5r1x9UtPBKCURtWNHmOkOHOu9lLfMsW2fIu4yBJ1PBHfKTnt8AKqZeafEQ698kD
RXqNLNLnu599kBaPqd5zyGhMG82PWXMCatCw4vDB1+i8y5YKQ28t9iE8fu4WRTO3
ApR9x44SqbQbZLwFdD7CjJM+sGkJ1LU0d3iTDwsGhTTqECZZeLPof10lCsNuQV+Y
UPO4EYfJu/cY02u+PilE8O9VXwnuhCziVm47WHouh4C50E4kaGqrIRcBKTz0aofO
VziXD19wsxbtwAh0WEmINBhHOYtBySwjHrWfZUzU7BLhFHe/X2WPg5nnkTNXEj0p
Gz0jfta+L/H8PQHYNNdP7xhH0eRp6Rlll/T7/XtuoGKXzhHIU9+7wnemAuy91Wpv
zcLTpxZ/GTfuWmxwaDnZxNTGsaVNNUGmVdzNyDZ5rCGmxLzFilJ+GiwEJisLXy73
e72DQoojQXSeyB2J7+8wOSW5A9XhfLcsXq0xY+3yeNXsE8Fya+sCwm7gk8eDnCU4
RkbH9d3HNDTo4CcPHwxYFJBB1rojF3ra973s7B9PtW1Yki5fEE+savwKL1Y31adF
NH3Wef3G8fxiu/WpD+E34vhg9QpMEsJhDRuhTkcWBTJincwc1KGUWv8UkASvM9bX
gIz2Z+tkdBMM+i95a44R
=m1Yl
-----END PGP SIGNATURE-----

--- End Message ---