[IT-SecNots] [announce] Security Advisory 2020-03, Security Advisory 2020-02, Security Advisory 2020-01

[Bernd Maus <bernd.maus AT otrs.com>]

+++++++++ Security Advisory 2020-03: Security Update for OTRS Framework 
+++++++++

Releases:               OTRS 7.0.x, OTRS 6.0.x,
Release date:           10-January-2020
Status:                 Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-03           <security at otrs.org>
------------------------------------------------------------------
ID: OSA-2020-03
Date: 2020-01-10
Title: Possible to send drafted messages as wrong agent
Severity: 3.5 LOW
Product: OTRS 7.0.x, OTRS 6.0.x
Fixed in: OTRS 7.0.14, OTRS 6.0.25      
References: CVE-2020-1767

To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-03/



+++++++++ Security Advisory 2020-02: Security Update for OTRS Framework 
+++++++++

Releases:               OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x
Release date:          10-January-2020
Status:                 Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-02          <security at otrs.org>
------------------------------------------------------------------
ID: OSA-2020-02
Date: 2020-01-10
Title: Improper handling of uploaded inline images
Severity: 2.0 LOW
Product: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x 
Fixed in: OTRS 7.0.14, OTRS 6.0.25,, OTRS 5.0.40       
References: CVE-2020-1766       

To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-02/



+++++++++ Security Advisory 2020-01: Security Update for OTRS Framework 
+++++++++

Releases:               OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x
Release date:           10-January-2020
Status:                 Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-01          <security at otrs.org>
------------------------------------------------------------------
ID: OSA-2020-01 
Date: 2020-01-10
Title: Spoofing of From field in several screens
Severity: 3.5. LOW
Product: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x 
Fixed in: OTRS 7.0.14, OTRS 6.0.25,, OTRS 5.0.40       
References: CVE-2020-1765            

To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-01/ 



Best regards
Bernd Maus
—
Online Marketing Manager

OTRS AG
Zimmersmühlenweg 11
61440 Oberursel
Germany

T: +49 6172 681988-44
F: +49 9421 56818-18
I:  https://www.otrs.com/

Business location: Oberursel, Country Court: Bad Homburg, HRB 10751, VAT ID: 
DE256610065
Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), 
Christopher Kuhn, Sabine Riedel

OTRS 7 | Automation • Agility • Communication • Transparency
Find out more

OTRS is a SERVIEW CERTIFIEDTOOL.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

---------------------------------------------------------------------
OTRS mailing list: announce - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/announce
To unsubscribe: http://lists.otrs.org/mailman/listinfo/announce