[IT-SecNots] [announce] Security Advisory 2020-10, Security Advisory 2020-09, Security Advisory 2020-08, Security Advisory 2020-07, Security Advisory 2020-06

[Bernd Maus <bernd.maus AT otrs.com>]

+++++++++ Security Advisory 2020-10: Security Update for OTRS Framework 
+++++++++



Releases:        OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Release date:  27-March-2020
Status:             Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-10           <security at otrs.org>
------------------------------------------------------------------
ID:                OSA-2020-10
Date:            2020-03-27
Title:             Session / Password token leak
Severity:       7.3 HIGH
Product:       OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Fixed in:       OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) 
Community Edition 5.0.42 
References: CVE-2020-1773


To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-10



+++++++++ Security Advisory 2020-09: Security Update for OTRS Framework 
+++++++++



Releases:        OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Release date:  27-March-2020
Status:             Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-09           <security at otrs.org>
------------------------------------------------------------------
ID:                OSA-2020-09
Date:            2020-03-27
Title:             Information Disclosure
Severity:       6.5 MEDIUM
Product:       OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Fixed in:       OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) 
Community Edition 5.0.42 
References: CVE-2020-1772


To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-09



+++++++++ Security Advisory 2020-08: Security Update for OTRS Framework 
+++++++++


Releases:        OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Release date:  27-March-2020
Status:             Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-08           <security at otrs.org>
------------------------------------------------------------------
ID:                OSA-2020-08
Date:            2020-03-27
Title:             Possible XSS in Customer user address book
Severity:       4.6 MEDIUM
Product:       OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, 
Fixed in:       OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, 
References: CVE-2020-1771


To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-08



+++++++++ Security Advisory 2020-07: Security Update for OTRS Framework 
+++++++++



Releases:        OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Release date:  27-March-2020
Status:             Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-07           <security at otrs.org>
------------------------------------------------------------------
ID:                OSA-2020-07
Date:            2020-03-27
Title:             Information disclosure in support bundle files
Severity:       2.4 LOW
Product:       OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Fixed in:       OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) 
Community Edition 5.0.42 
References: CVE-2020-1770


To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-07



+++++++++ Security Advisory 2020-06: Security Update for OTRS Framework 
+++++++++



Releases:        OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Release date:  27-March-2020
Status:             Patch Level Release

SECURITY FIXES:
==============  
------------------------------------------------------------------
OTRS Security Advisory 2020-06           <security at otrs.org>
------------------------------------------------------------------
ID:                OSA-2020-06
Date:            2020-03-27
Title:             Autocomplete in the form login screens
Severity:       3.5 LOW
Product:       OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) 
Community Edition 5.0.x
Fixed in:       OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) 
Community Edition 5.0.42 
References: CVE-2020-1769


To read the entire Security Advisory please follow this link.

https://community.otrs.com/security-advisory-2020-06







Bernd Maus
—
Online Marketing Manager

OTRS AG
Zimmersmühlenweg 11
61440 Oberursel
Germany

T: +49 6172 681988-44
F: +49 9421 56818-18
I:  https://www.otrs.com/

Business location: Oberursel, Country Court: Bad Homburg, HRB 10751, VAT ID: 
DE256610065
Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), 
Christopher Kuhn, Sabine Riedel

OTRS 8 | Fast • Modern • Secure 
Learn more.

OTRS is a SERVIEW CERTIFIEDTOOL.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

---------------------------------------------------------------------
OTRS mailing list: announce - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/announce
To unsubscribe: http://lists.otrs.org/mailman/listinfo/announce