Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [announce]New Security Updates for OTRS

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [announce]New Security Updates for OTRS


Chronologisch Thread  
  • From: Bernd Maus <bernd.maus AT otrs.com>
  • To: "announce AT lists.otrs.org" <announce AT lists.otrs.org>
  • Subject: [IT-SecNots] [announce]New Security Updates for OTRS
  • Date: Mon, 3 Jun 2024 08:30:28 +0000
  • Accept-language: en-US, de-DE
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=otrs.com; dmarc=pass action=none header.from=otrs.com; dkim=pass header.d=otrs.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ay9Hjag/gqkppCKwmBbyVpf9Yc3f1pEzdkIPE+Dmokw=; b=MF/7/EF566mFkw3pqHoctREhiO/E3fGZbn/GNEWkbzikq2KQ3uHbXmIGNclROz7H6cqdu3iSILyHL3+6YRwynPVg7HiHOl4WALqLIvDpeD94YdDjF1bwQyvVsqAZtd3tTQX0FXs/DDQyGdKEhrXOwft+JfX4WCSSs+5aosjPFay40F28oB7PwsW95lZHqpck34QumL354tJ5kSbzeqRjRSr06LkPEhjay/iLzU9Ku73Vtj+YenJ2QlAEPtfhBf6oRR7Ko14lW9cKiWOvavQNEqy3XxeqaEGZErp6H3ssZc/4uCTIENF2Wec0z6UpRK2S+vZ+bfNwmRuUMBph46/2zQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mEI2emipsl3d0AhRsEqIxKCGNsZCQ/OjXPPNLytMY6mL8jLshKjgOZv33iTcWkyQEo4yF8dvid+b2Kl59jVYmc89grk6HJJJTUxL9JUwbDkV9b1wT6WttugmOgoYPMgHupQ/DD3c3p6YV9sQFaorzS++03eAPcAEuvhEynDniBM4vyu1flSw2FhisfNKPHTjaVW81gznc3MA0mqyJ2rYGPA+wKIyDcKQzkOFblJzB8S9aigSQcaNnxHGbvDL+i9IXqh4mk2K5ogmcicb/64HPSc0PzFjkzdl9oE4DcYJAkuf07bOx4IdHAtTJRi0aZ00z+aTAVTpMeXQk4hdu0R2vw==
  • Archived-at: <https://lists.otrs.org/hyperkitty/list/announce AT lists.otrs.org/message/6CJ4TF4MK6ZGWBJT4NWTPYQKZ3V27UYR/>
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=otrs.com;
  • List-archive: <https://lists.otrs.org/hyperkitty/list/announce AT lists.otrs.org/>
  • List-id: "Announcements about OTRS.org" <announce.lists.otrs.org>

 

Security Advisories

 

 

 

Dear reader,

The following security fixes were made:

OTRS Security Advisory 2024-05

ID: OSA-2024-05
Date: 2024-06-03
Title: Possible remote code execution in uploaded filenames
Severity (CVSS v3.1): 6.3 MEDIUM
Severity (CVSS v4.0): 6.8 MEDIUM
Urgency: Moderate
Products: OTRS, ((OTRS)) Community Edition
Fixed in: OTRS 7.0.50, OTRS 2024.4.3
CVSS VECTORs: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L / CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/U:Amber
References: CVE-2024-23793 

To read the entire Security Advisory/Advisories, please follow this link:

https://otrs.com/otrs-software-solutions/otrs/overview-release-notes-security-advisories/security-advisories/

 

Kind regards,

Your OTRS release team

 

 

 

 

Subscribe to the OTRS Newsletter.

 

Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language.

 

 

 

Facebook

Twitter

LinkedIn

YouTube

Instagram

 

 

 

 

 

Attachment: smime.p7s
Description: S/MIME cryptographic signature

--
_______________________________________________
announce mailing list -- announce AT lists.otrs.org
To unsubscribe send an email to announce-leave AT lists.otrs.org
To manage your subscription or browse the message archive visit:
https://lists.otrs.org/postorius/lists/announce.lists.otrs.org/


  • [IT-SecNots] [announce]New Security Updates for OTRS, Bernd Maus, 03.06.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang