Information on source package otrs2

Available versions

ReleaseVersion
wheezy3.1.7+dfsg1-8+deb7u5
wheezy (security)3.3.18-1~deb7u1
jessie3.3.9-3+deb8u1
jessie (security)3.3.18-1+deb8u2
stretch/non-free5.0.16-1+deb9u1
stretch/non-free (security)5.0.16-1+deb9u3
buster/non-free5.0.24-1
sid/non-free5.0.24-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-16664vulnerablefixedfixedfixedfixedCode injection exists in Kernel/System/Spelling.pm in Open Ticket ...
CVE-2017-15864vulnerablefixedfixedfixedfixedIn the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x ...
CVE-2016-9139fixedvulnerable (no DSA)fixedfixedfixedCross-site scripting (XSS) vulnerability in Open Ticket Request System ...

Resolved issues

BugDescription
CVE-2017-9324In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through ...
CVE-2017-14635In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before ...
CVE-2014-9324The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x ...
CVE-2014-2554OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 ...
CVE-2014-2553Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2014-1695Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2014-1694Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...
CVE-2014-1471SQL injection vulnerability in the StateGetStatesByType function in ...
CVE-2013-4717SQL injection
CVE-2013-4088Information Disclosure
CVE-2013-3551
CVE-2013-2625
CVE-2012-4751Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2012-4600Cross-site scripting (XSS) vulnerability in Open Ticket Request System ...
CVE-2012-2582Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2011-2746Unspecified vulnerability in Kernel/Modules/AdminPackageManager.pm in ...
CVE-2011-2385The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in ...
CVE-2011-1518Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2011-1433The (1) AgentInterface and (2) CustomerInterface components in Open ...
CVE-2011-0456webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier ...
CVE-2010-4768Open Ticket Request System (OTRS) before 2.3.5 does not properly ...
CVE-2010-4767Open Ticket Request System (OTRS) before 2.3.6 does not properly ...
CVE-2010-4766The AgentTicketForward feature in Open Ticket Request System (OTRS) ...
CVE-2010-4765Race condition in the Kernel::System::Main::FileWrite method in Open ...
CVE-2010-4764Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, ...
CVE-2010-4763The ACL-customer-status Ticket Type setting in Open Ticket Request ...
CVE-2010-4762Cross-site scripting (XSS) vulnerability in the rich-text-editor ...
CVE-2010-4761The customer-interface ticket-print dialog in Open Ticket Request ...
CVE-2010-4760Open Ticket Request System (OTRS) before 3.0.0-beta6 adds ...
CVE-2010-4759Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly ...
CVE-2010-4758installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an ...
CVE-2010-4071Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS ...
CVE-2010-3476Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before ...
CVE-2010-2080Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2010-0438Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in ...
CVE-2009-5057The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 ...
CVE-2009-5056Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly ...
CVE-2009-5055Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on ...
CVE-2008-7283Open Ticket Request System (OTRS) before 2.2.6, when customer group ...
CVE-2008-7282Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open ...
CVE-2008-7281Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing ...
CVE-2008-7280Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket ...
CVE-2008-7279The CustomerInterface component in Open Ticket Request System (OTRS) ...
CVE-2008-7278The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, ...
CVE-2008-7277Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw ...
CVE-2008-7276Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) ...
CVE-2008-7275Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework ...
CVE-2008-1515The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 ...
CVE-2007-2524Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket ...
CVE-2007-2383The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...

Security announcements

DSA / DLADescription
DSA-4047-1otrs2 - security update
DSA-4047-1otrs2 - security update
DSA-4021-1otrs2 - security update
DSA-4021-1otrs2 - security update
DLA-1119-1otrs2 - security update
DSA-3876-1otrs2 - security update
DLA-787-1otrs2 - security update
DSA-3124-1otrs2 - security update
DSA-2867-1otrs2 - several
DSA-2867-1otrs2 - several
DSA-2733-1otrs2 - SQL injection
DSA-2733-1otrs2 - SQL injection
DSA-2712-1otrs2 - privilege escalation
DSA-2696-1otrs2 - privilege escalation
DSA-2536-1otrs2 - cross-site scripting
DSA-2231-1otrs2 - cross-site scripting
DSA-1993-1otrs2 - SQL injection
DSA-1298-1otrs2

Search for package or bug name: Reporting problems