Change logs for otrs2 source package in Focal

  • otrs2 (6.0.26-1) unstable; urgency=high
    
      * New upstream release.
        - Fixes CVE-2019-11358, also known as OSA-2020-05: OTRS use jquery version
          3.2.1, which is vulnerable to the prototype pollution attack.
    
     -- Patrick Matthäi <email address hidden>  Fri, 07 Feb 2020 15:27:15 +0100
  • otrs2 (6.0.25-3) unstable; urgency=high
    
      * New version with pre-built binaries.
    
     -- Patrick Matthäi <email address hidden>  Fri, 31 Jan 2020 09:20:15 +0100
  • otrs2 (6.0.25-2) unstable; urgency=medium
    
      * Adjust lintian overrides.
      * Bump Standards-Version to 4.5.0.
    
     -- Patrick Matthäi <email address hidden>  Thu, 23 Jan 2020 16:33:10 +0100
  • otrs2 (6.0.25-1) unstable; urgency=high
    
      * New upstream release.
        - Fixes CVE-2020-1767, also known as OSA-2020-03: Agent A is able to save a
          draft (i.e. for customer reply). Then Agent B can open the draft, change
          the text completely and send it in the name of Agent A. For the customer
          it will not be visible that the message was sent by another agent.
    
     -- Patrick Matthäi <email address hidden>  Mon, 20 Jan 2020 11:21:00 +0100
  • otrs2 (6.0.24-1) unstable; urgency=high
    
      * New upstream release.
        - Fixes CVE-2019-18179, also known as OSA-2019-14: An attacker who is logged
          into OTRS as an agent is able to list tickets assigned to other agents,
          which are in the queue where attacker doesn’t have permissions.
        - Fixes CVE-2019-18180, also known as OSA-2019-15: OTRS can be put into an
          endless loop by providing filenames with overly long extensions. This
          applies to the PostMaster (sending in email) and also upload (attaching
          files to mails, for example).
          Closes: #945251
      * Add dependency on package libcpan-audit-perl.
      * Use the new debhelper-compat notation, and drop the d/compat file.
    
     -- Patrick Matthäi <email address hidden>  Fri, 27 Dec 2019 10:51:52 +0100
  • otrs2 (6.0.23-2) unstable; urgency=medium
    
      * Build binary packages.
    
     -- Patrick Matthäi <email address hidden>  Fri, 11 Oct 2019 10:20:09 +0200
  • otrs2 (6.0.20-1) unstable; urgency=medium
    
      * New upstream release.
      * Bump Standards-Version to 4.4.0.
    
     -- Patrick Matthäi <email address hidden>  Fri, 12 Jul 2019 10:13:22 +0200