Change log for otrs2 package in Ubuntu

51100 of 141 results
Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
otrs2 (5.0.15-1) unstable; urgency=medium

  * New upstream release.
    - Refresh patch 01-cron.
    - Refresh patch 03-backup.
    - Refresh patch 07-otrs-business-check.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 11-do-not-test-file-writes.
    - Refresh patch 14-font-paths.
  * Merge 5.0.14-1~bpo8+1 changelog.

 -- Patrick Matthäi <email address hidden>  Mon, 19 Dec 2016 16:31:47 +0100

Available diffs

Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
otrs2 (5.0.14-1) unstable; urgency=high

  * New upstream release.
    - Fixes CVE-2016-9139, also known as OSA-2016-02: An attacker could trick
      an authenticated agent or customer into opening a malicious attachment
      which could lead to the execution of JavaScript in OTRS context.
      Closes: #843091
  * Adjust linitian overrides.

 -- Patrick Matthäi <email address hidden>  Wed, 09 Nov 2016 10:06:51 +0100

Available diffs

Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
otrs2 (5.0.13-2) unstable; urgency=medium

  * Move package from main to non-free, because of the "browserified" issue as
    long as there is no way to replace all embedded javascript code copies
    safely (without introducing new issues as in the past) from the package.
    Closes: #695664, #836181
  * Merge 5.0.13-1~bpo8+1 changelog.
  * Recommend default-mysql-client and default-mysql-server package.

 -- Patrick Matthäi <email address hidden>  Mon, 17 Oct 2016 10:25:02 +0200

Available diffs

Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
otrs2 (5.0.12-1) unstable; urgency=medium

  * New upstream release.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 14-font-paths.

 -- Patrick Matthäi <email address hidden>  Fri, 12 Aug 2016 11:18:26 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
otrs2 (5.0.11-1) unstable; urgency=medium

  * New upstream release.
    - Refresh patch 07-otrs-business-check.
    - Refresh patch 08-usable-apache-config.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 14-font-paths.
  * Merge 5.0.10-1~bpo8+1 changelog.
  * Overwrite false positive lintian warning about prebuilt javascript object
    Core.UI.InputFields.UnitTest.js.
  * Remove GenericAgent.pm on purge.

 -- Patrick Matthäi <email address hidden>  Thu, 07 Jul 2016 09:55:45 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
otrs2 (5.0.10-1) unstable; urgency=medium

  * New upstream release.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 11-do-not-test-file-writes.
    - Refresh patch 14-font-paths.
  * Bump Standards-Version to 3.9.8 (no changes required).
  * Mangle repack in debian/watch.

 -- Patrick Matthäi <email address hidden>  Tue, 17 May 2016 12:53:34 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
otrs2 (5.0.9+repack1-1) unstable; urgency=medium

  * Revert usage of external ckeditor package, since it breaks OTRS. Create an
    new repack package.

 -- Patrick Matthäi <email address hidden>  Wed, 20 Apr 2016 11:44:47 +0200

Available diffs

Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.7-1) unstable; urgency=medium

  * New upstream release.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 10-nice-packagemanager-permissions-message.
    - Refresh patch 11-do-not-test-file-writes.
    - Refresh patch 14-font-paths.
  * Merge 5.0.6-1~bpo8+1 changelog.
  * Bump Standards-Version to 3.9.7 (no changes required).
  * Do not overwrite source-contains-prebuilt-object lintian warnings.

 -- Patrick Matthäi <email address hidden>  Tue, 16 Feb 2016 13:20:26 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.6-1) unstable; urgency=medium

  * New upstream release.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Refresh hunky patch 14-font-paths.

 -- Patrick Matthäi <email address hidden>  Tue, 19 Jan 2016 09:07:34 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.5-1) unstable; urgency=medium

  * New upstream release.
  * Add patch 07-otrs-business-check to deactivate OTRSBusinessEntitlementCheck
    and OTRSBusinessAvailabilityCheck cronjob in the default configuration,
    since they connect to cloud.otrs.com.
    Closes: #806263

 -- Patrick Matthäi <email address hidden>  Wed, 16 Dec 2015 10:18:39 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.3-1) unstable; urgency=medium

  * New upstream release.
  * Do not use anymore embedded Lingua::Translit library and depend on
    liblingua-translit-perl.

 -- Patrick Matthäi <email address hidden>  Tue, 17 Nov 2015 13:34:27 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.2-1) unstable; urgency=medium

  * New upstream release.
  * Add dependency on new package libschedule-cron-events-perl.
    Closes: #803301
  * Add dependency on libhtml-parser-perl.
  * Add dependency on libhtml-tagset-perl and libhtml-truncate-perl and remove
    the cpan-lib/HTML directory.

 -- Patrick Matthäi <email address hidden>  Thu, 05 Nov 2015 14:18:07 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.1-2) unstable; urgency=medium

  * Drop dependency on libjs-jquery-ui and the patches
    12-use-debian-libjs-packages and 13-load-debian-libjs. Use again the
    embedded version.
    Closes: #802938

 -- Patrick Matthäi <email address hidden>  Mon, 26 Oct 2015 18:13:00 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
otrs2 (5.0.1-1) unstable; urgency=medium

  * New upstream release.
    - Rewrite patch 01-cron, everything is working now with the new scheduler.
    - Use DB-Update-5 script in 02-dbupdate-as-root.
    - Refresh hunky patch 03-backup.
    - Rewrite patch 04-opt.
    - Rewrite patch 05-database.
    - Refresh hunky patch 06-no-installer.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Rewrite patch 10-nice-packagemanager-permissions-message.
    - Refresh hunky patch 11-do-not-test-file-writes.
    - Rewrite patch 12-use-debian-libjs-packages.
    - Rewrite patch 13-load-debian-libjs.
    - Refresh hunky patch 14-font-paths.
    - Adjust yui-compressor paths in debian/rules.
    - Adjust package descriptions for release 5.
    - Add new dependencies on libxml-libxml-perl and libxml-libxslt-perl.
    - Install and use new DBUpdate 5 schema files and script for upgrading.
    - Use new tool otrs.Console.pl, which replaced old scripts like
      otrs.CheckDB.pl, otrs.RebuildConfig and otrs.DeleteCache.
    - Adjust otrs2.install.
  * Merge 4.0.13-1~bpo8+1 changelog.
  * Do not suggest dropped otrs2-doc packages anymore.
  * Watch again all releases.
  * Import DBUpdate-to-4 from the last OTRS 4.0.13 release.
  * Remove obsolete stuff from debian/rules.
  * Remove auto_build directory.
  * Adjust debian/copyright.
  * Remove GenericAgent.pm from config file handling.
  * Install required Lingua cpan module.
  * Add dependency libpod-strip-perl.
  * Use otrs.Console.pl in otrs2.config to get database parameters.
  * Set additional new permissions on the configuration directory.
  * Create /run/otrs in cronjob, if it does not exist.

 -- Patrick Matthäi <email address hidden>  Fri, 23 Oct 2015 15:44:39 +0200

Available diffs

Superseded in xenial-proposed
otrs2 (4.0.13-1) unstable; urgency=medium

  * New upstream release.

 -- Patrick Matthäi <email address hidden>  Thu, 01 Oct 2015 14:57:24 +0200
Superseded in xenial-release
Obsolete in wily-release
Deleted in wily-proposed (Reason: moved to release)
otrs2 (4.0.10-1) unstable; urgency=medium

  * New upstream release.

 -- Patrick Matthäi <email address hidden>  Thu, 16 Jul 2015 20:20:34 +0200

Available diffs

Superseded in wily-release
Deleted in wily-proposed (Reason: moved to release)
otrs2 (4.0.9-1) unstable; urgency=low

  * New upstream release.
    - Refresh hunky patch 11-do-not-test-file-writes.
  * Overwrite false positive lintian warning
    command-with-path-in-maintainer-script.

 -- Patrick Matthäi <email address hidden>  Tue, 07 Jul 2015 09:46:32 +0200

Available diffs

Superseded in wily-release
Deleted in wily-proposed (Reason: moved to release)
otrs2 (4.0.8-1) unstable; urgency=low

  * New upstream release.
  * Switch to DEP5 debian/copyright format.

 -- Patrick Matthäi <email address hidden>  Tue, 12 May 2015 20:02:51 +0200

Available diffs

Superseded in wily-release
Deleted in wily-proposed (Reason: moved to release)
otrs2 (4.0.7-2) unstable; urgency=low

  * Upload to unstable.

 -- Patrick Matthäi <email address hidden>  Wed, 29 Apr 2015 10:00:47 +0200

Available diffs

Superseded in wily-release
Obsolete in vivid-release
Deleted in vivid-proposed (Reason: moved to release)
otrs2 (3.3.9-3) unstable; urgency=medium


  * Add patch 16-CVE-2014-9324.diff which fixes CVE-2014-9324, also known as
    OSA-2014-06:
    An attacker with valid OTRS credentials could access and manipulate ticket
    data of other users via the GenericInterface, if a ticket webservice is
    configured and not additionally secured.

 -- Patrick Matthäi <email address hidden>  Thu, 18 Dec 2014 19:02:56 +0100

Available diffs

Superseded in vivid-release
Deleted in vivid-proposed (Reason: moved to release)
otrs2 (3.3.9-2) unstable; urgency=low


  * Drop libjs-jquery dependency and use the emebedded version again to avoid
    application errors.
    Closes: #763750
  * Bump Standards-Version to 3.9.6 (no changes required).
  * Remove unused override about package-contains-broken-symlink.

 -- Patrick Matthäi <email address hidden>  Mon, 27 Oct 2014 21:07:36 +0100

Available diffs

Superseded in vivid-release
Deleted in vivid-proposed (Reason: moved to release)
otrs2 (3.3.9-1) unstable; urgency=medium


  * New upstream release.
  * Temporary only watch 3.3.x releases.

 -- Patrick Matthäi <email address hidden>  Tue, 09 Sep 2014 16:15:53 +0200

Available diffs

Superseded in vivid-release
Obsolete in utopic-release
Deleted in utopic-proposed (Reason: moved to release)
otrs2 (3.3.8-1) unstable; urgency=medium


  * New upstream release.
    - Refresh hunky patch 03-backup.
  * Remove unused lintian overrides.

 -- Patrick Matthäi <email address hidden>  Wed, 09 Jul 2014 10:22:12 +0200

Available diffs

Superseded in utopic-release
Deleted in utopic-proposed (Reason: moved to release)
otrs2 (3.3.7-2) unstable; urgency=medium


  * Create missing /run/otrs for the scheduler about the cronjob.
  * Remove otrs2 cron.d symlink on purge.
  * Check also for /etc/cron.d/otrs in postinst.

 -- Patrick Matthäi <email address hidden>  Fri, 23 May 2014 10:02:48 +0200

Available diffs

Superseded in utopic-release
Deleted in utopic-proposed (Reason: moved to release)
otrs2 (3.3.7-1) unstable; urgency=medium


  * New upstream release.
    - Rewrite patch 01-cron.
    - Refresh hunky patch 07-dont-chown-links.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Refresh hunky patch 12-use-debian-libjs-packages.
    - init script has been removed.
  * Automatic link /etc/otrs/cron to /etc/cron.d/otrs2.
  * Remove deprecated cron snippet from postinst.

 -- Patrick Matthäi <email address hidden>  Tue, 13 May 2014 11:13:58 +0200

Available diffs

Superseded in utopic-release
Deleted in utopic-proposed (Reason: moved to release)
otrs2 (3.3.6-1) unstable; urgency=medium


  * New upstream release.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Refresh hunky patch 10-nice-packagemanager-permissions-message.
    - Refresh hunky patch 12-use-debian-libjs-packages.
    - Refresh hunky patch 14-font-paths.
  * Support module is not shipped anymore. Remove it from debian/rules.

 -- Patrick Matthäi <email address hidden>  Tue, 01 Apr 2014 11:35:40 +0200

Available diffs

Superseded in utopic-release
Published in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.5-1) unstable; urgency=high


  * New upstream release.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Refresh hunky patch 12-use-debian-libjs-packages.
    - Refresh hunky patch 13-load-debian-libjs.
  * Add build dependency on yui-compressor and rebuild minified JavaScript
    files from source on building the package.
    Closes: #735895
  * Added additional information about the MySQL MyISAM->InnoDB switch of MySQL
    5.5 to README.Debian.
    Closes: #707075
  * Merge 3.1.7+dfsg1-8+deb7u4 and 2.4.9+dfsg1-3+squeeze5 changelog.
  * Do not use -f on rm in debian/rules.
  * Remove dependency on libjs-prototype, it is no longer used.

 -- Patrick Matthäi <email address hidden>  Thu, 27 Feb 2014 12:58:14 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.4-1) unstable; urgency=medium


  * New upstream release.
    - Fixed SQL injection issue CVE-2014-1471, also known as OSA-2014-02.
    - Fixed CSRF issue OSA-2014-01.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Rewrite patch 12-use-debian-libjs-packages.
    - Rewrite patch 13-load-debian-libjs.
    - Refresh hunky patch 14-font-paths.
    - Refresh hunky patch 15-dbupdate-as-root.
    - Refresh hunky patch 16-init-script.

 -- Patrick Matthäi <email address hidden>  Wed, 29 Jan 2014 09:34:15 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.3-3) unstable; urgency=low


  * Add dependency on libxml-parser-lite-perl.
    Closes: #735076
  * Adjust lintian overrides.

 -- Patrick Matthäi <email address hidden>  Thu, 16 Jan 2014 15:40:32 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.3-2) unstable; urgency=high


  * Add missing ivory-slim/css-cache directory.
  * Depend on libnet-sslglue-perl module.
  * Depend on liblinux-distribution-perl module.
  * Remove non-free flash files from packaging.
    Closes: #734276
  * Overwrite lintian warning debian-watch-may-check-gpg-signature. There are
    no GPG signatures available.
  * Overwrite a privacy-breach-generic lintian warning. The affected file is
    not used by OTRS.

 -- Patrick Matthäi <email address hidden>  Fri, 10 Jan 2014 13:07:52 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.3-1) unstable; urgency=low


  * New upstream release.

 -- Patrick Matthäi <email address hidden>  Tue, 10 Dec 2013 09:56:42 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.2-1) unstable; urgency=low


  * New upstream release.
    - Adjust lintian overrides.
  * Import and install missing DBUpdate-to-3.2.pl script.
    Closes: #730193
  * Replace old init script with the new otrs scheduler init.
    - Add patch 16-init-script to fix the otrs path.
    - Remove check for the old maintenance file from 08-usable-apache-config.
    - Drop patch 02-postmaster.
    - Add dependency on libproc-daemon-perl.
  * Remove unused lintian override.

 -- Patrick Matthäi <email address hidden>  Mon, 02 Dec 2013 14:14:29 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.3.1-1) unstable; urgency=low


  * New upstream release.
    - Rewrite patch 01-cron.
    - Refresh hunky patch 03-backup.
    - Refresh hunky patch 04-opt.
    - Rewrite patch 05-database.
    - Rewrite patch 08-usable-apache-config.
    - Refresh hunky patch 09-disable-DashboardProductNotify.
    - Rewrite patch 12-use-debian-libjs-packages.
    - Rewrite patch 13-load-debian-libjs.
    - Refresh hunky patch 14-font-paths.
    - Take over 3.2.x database upgrade scripts from older packing to debian/.
    - Install new database schema upgrades.
    - Use fonts from fonts-font-awesome package.
    - libjs-yui has been removed.
    - Add dependency on libsys-hostname-long-perl.
    - Recommend module libcrypt-eksblowfish-perl.
    - Add patch 15-dbupdate-as-root to allow update script to run as user root.
  * Watch again all stable releases.
  * Overwrite some lintian warnings about embedded javascript libraries.
  * Upgrade some Perl module suggests to recommend.

 -- Patrick Matthäi <email address hidden>  Wed, 20 Nov 2013 10:53:29 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.2.12-1) unstable; urgency=high


  * New upstream release.
    - Refresh hunky patch 07-dont-chown-links.
    - Refresh hunky patch 11-fix-SetPermissions-to-include-some-more-dirs.
  * Allow otrs.DeleteCache.pl to fail in postinst.
    Closes: #728301
  * Merge 3.2.11-1~bpo70+1 changelog.
  * Bump Standards-Version to 3.9.5 (no changes needed).
  * Don't explicitly request xz compression - dpkg 1.17 does this by default.

 -- Patrick Matthäi <email address hidden>  Fri, 08 Nov 2013 12:25:45 +0100

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release)
otrs2 (3.2.11-1) unstable; urgency=low


  * New upstream release.
    - Refresh hunky patch 03-backup.
    - Refresh hunky patch 13-load-debian-libjs.

 -- Patrick Matthäi <email address hidden>  Tue, 08 Oct 2013 15:28:23 +0200

Available diffs

Superseded in trusty-release
Obsolete in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.9-2) unstable; urgency=high


  * Merge 3.1.7+dfsg1-8+deb7u3 and 2.4.9+dfsg1-3+squeeze4 changelog.
  * Depend on libapache2-reload-perl.
  * Depend on apache2 | httpd-cgi.
    Closes: #715434
  * Better sanity checking in postinst on enabling Apache modules. This is a
    follow-up fix for #715434.
  * Upgrade libapache-dbi-perl from recommends to depends.
  * Remove old code from otrs2.postinst.
  * Transition to Apache 2.4 packaging.
  * Remove unused lintian override.
  * Source /lib/lsb/init-functions in init script.

 -- Patrick Matthäi <email address hidden>  Fri, 02 Aug 2013 16:39:30 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.9-1) unstable; urgency=high


  * New upstream release.
    - Upstream security fixes for CVE-2013-4717 and CVE-2013-4718, also known
      as OSA-2013-05.

 -- Patrick Matthäi <email address hidden>  Thu, 11 Jul 2013 10:17:51 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.8-1) unstable; urgency=high


  * New upstream release.
    - Security fix for CVE-2013-4088, also known as OSA-2013-04:
      An attacker with a valid agent login could manipulate URLs in the ticket
      watch mechanism to see contents of tickets they are not permitted to see.
    - Rewrite patch 03-backup.
    - Refresh patch 09-disable-DashboardProductNotify.
    - Refresh patch 12-use-debian-libjs-packages.
    - Refresh patch 14-font-paths.
  * Merge 3.1.7+dfsg1-8+deb7u2 changelog.

 -- Patrick Matthäi <email address hidden>  Wed, 19 Jun 2013 16:13:02 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.7-2) unstable; urgency=medium


  * Move RELEASE file to /usr/share/otrs.
    Closes: #711282

 -- Patrick Matthäi <email address hidden>  Mon, 10 Jun 2013 11:13:20 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.7-1) unstable; urgency=high


  * New upstream release.
    - Security fix for CVE-2013-3551, also known as OSA-2013-03:
      An attacker with a valid agent login could manipulate URLs in the ticket
      split mechanism to see contents of tickets and they are not permitted to
      see.
    - Refresh hunky patch 07-dont-chown-links.
    - Refresh hunky patch 10-nice-packagemanager-permissions-message.
    - Rewrite patch 11-fix-SetPermissions-to-include-some-more-dirs.
  * Merge 3.1.7+dfsg1-8+deb7u1 changelog.
  * Permission fixes from debian/rules removed, again.
  * Install new upstream changelog CHANGES.md.

 -- Patrick Matthäi <email address hidden>  Mon, 27 May 2013 09:07:43 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release)
otrs2 (3.2.6-2) unstable; urgency=low


  * Uploading to unstable.

 -- Patrick Matthäi <email address hidden>  Mon, 06 May 2013 09:23:55 +0200

Available diffs

Superseded in saucy-release
Obsolete in raring-release
Deleted in raring-proposed (Reason: moved to release)
otrs2 (3.1.7+dfsg1-8) unstable; urgency=high


  * Add missing post database schemas for new installations with dbconfig.
    Without it, new installations will miss some important foreign keys and
    later fail to update to version 3.2.x.
    Closes: #702251
  * Add upstream patch 31-CVE-2013-2625 to improve permission checks in
    LinkObject. This fixes CVE-2013-2625.

 -- Patrick Matthäi <email address hidden>  Tue, 02 Apr 2013 10:39:24 +0200

Available diffs

Superseded in raring-release
Deleted in raring-proposed (Reason: moved to release)
otrs2 (3.1.7+dfsg1-7) unstable; urgency=high


  * Do not call otrs.SetPermissions.pl in postinst, since it modificates a few
    files in /usr/share/otrs, instead set the required permissions in
    /var/lib/otrs on my own.
    Closes: #700897

 -- Patrick Matthäi <email address hidden>  Wed, 27 Feb 2013 10:13:53 +0100

Available diffs

Superseded in raring-release
Deleted in raring-proposed (Reason: moved to release)
otrs2 (3.1.7+dfsg1-6) unstable; urgency=medium


  * Add upstream patch 30-osa-2012-03-js-xss to improve HTML security, where a
    special prepared HTML e-mail could cause to execute JavaScript code within
    your browser, as described in OSA-2012-03 and CVE-2012-4751.

 -- Patrick Matthäi <email address hidden>  Tue, 16 Oct 2012 11:10:43 +0200

Available diffs

Obsolete in natty-updates
Obsolete in natty-security
otrs2 (2.4.9+dfsg1-3+squeeze3build0.11.04.1) natty-security; urgency=low

  * fake sync from Debian

Superseded in raring-release
Obsolete in quantal-release
otrs2 (3.1.7+dfsg1-5) unstable; urgency=medium


  * Add upstream patch 29-security-tag-nesting to improve HTML security to
    detect tag nasting.

 -- Patrick Matthäi <email address hidden>  Tue, 28 Aug 2012 21:42:45 +0200

Available diffs

Superseded in quantal-release
otrs2 (3.1.7+dfsg1-4) unstable; urgency=high


  * Correct typo in changelog from my last upload.
  * Add upstream patch 28-osa-2012-01-ie-xss from OSA-2012-01, which fixes a
    XSS vulnerability when using the Internet Explorer.
  * Move libmail-imapclient-perl from Suggests to Depends and also depend on
    the version in Wheezy. This is an additional fix for the 3.1.7+dfsg1-3
    upload to ensure that the correct version is installed.

 -- Patrick Matthäi <email address hidden>  Wed, 22 Aug 2012 20:58:13 +0200

Available diffs

Superseded in quantal-release
otrs2 (3.1.7+dfsg1-2) unstable; urgency=low


  * Add patch 26-font-paths, which adds the full paths to the font files, so
    that the PDF export will not die.

 -- Patrick Matthäi <email address hidden>  Tue, 03 Jul 2012 16:44:21 +0200

Available diffs

Superseded in quantal-release
otrs2 (3.1.7+dfsg1-1) unstable; urgency=low


  * New upstream release.
    - Refresh hunky patch 21-use-debian-libjs-packages.
    - Refresh hunky patch 16-disable-DashboardProductNotify.

 -- Patrick Matthäi <email address hidden>  Mon, 02 Jul 2012 19:01:46 +0200

Available diffs

Superseded in quantal-release
otrs2 (3.1.6+dfsg1-1) unstable; urgency=low


  * New upstream release.
    - Adjust patch 25-use-locale-country, the country information is not
      printed to STDERR anymore.

 -- Patrick Matthäi <email address hidden>  Tue, 05 Jun 2012 19:32:30 +0200

Available diffs

51100 of 141 results