Hello community, here is the log from the commit of package otrs for openSUSE:Factory checked in at 2018-12-03 10:10:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/otrs (Old) and /work/SRC/openSUSE:Factory/.otrs.new.19453 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "otrs" Mon Dec 3 10:10:41 2018 rev:62 rq:653199 version:5.0.32 Changes: -------- --- /work/SRC/openSUSE:Factory/otrs/otrs.changes 2018-10-01 08:17:30.209964568 +0200 +++ /work/SRC/openSUSE:Factory/.otrs.new.19453/otrs.changes 2018-12-03 10:11:12.747663410 +0100 @@ -1,0 +2,22 @@ +Thu Nov 29 14:46:21 UTC 2018 - chris@computersalat.de + +- Update to 5.0.32 + * https://community.otrs.com/release-notes-otrs-5s-patch-level-32/ +- fix for boo#1116004 + * (CVE-n/a, OSA-2018-10) + Data loss during migration + Users updating to OTRS 6.0.13 (also patchlevel updates) or 5.0.31 + (only major updates) will experience data loss in their agent + preferences table. +- fix for boo#1115416 + * (CVE-2018-19141, OSA-2018-09) + Privilege Escalation + An attacker who is logged into OTRS as an admin user may manipulate + the URL to cause execution of JavaScript in the context of OTRS. + * (CVE-2018-19143, OSA-2018-07) + Remote File Deletion + An attacker who is logged into OTRS as a user may manipulate the + submission form to cause deletion of arbitrary files that the + OTRS web server user has write access to. + +------------------------------------------------------------------- Old: ---- itsm-5.0.30.tar.bz2 otrs-5.0.30.tar.bz2 New: ---- itsm-5.0.32.tar.bz2 otrs-5.0.32.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ otrs.spec ++++++ --- /var/tmp/diff_new_pack.y15xvj/_old 2018-12-03 10:11:14.695661608 +0100 +++ /var/tmp/diff_new_pack.y15xvj/_new 2018-12-03 10:11:14.699661605 +0100 @@ -23,8 +23,8 @@ Name: otrs -%define otrs_ver 5.0.30 -%define itsm_ver 5.0.30 +%define otrs_ver 5.0.32 +%define itsm_ver 5.0.32 %define itsm_min 5 %define otrs_root /srv/%{name} %define otrsdoc_dir_files AUTHORS* CHANGES* COPYING* CREDITS README* UPGRADING.SUSE doc ++++++ itsm-5.0.30.tar.bz2 -> itsm-5.0.32.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/otrs/itsm-5.0.30.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new.19453/itsm-5.0.32.tar.bz2 differ: char 11, line 1 ++++++ otrs-5.0.30.tar.bz2 -> otrs-5.0.32.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/otrs/otrs-5.0.30.tar.bz2 /work/SRC/openSUSE:Factory/.otrs.new.19453/otrs-5.0.32.tar.bz2 differ: char 11, line 1