Bug 635847
Summary: | CVE-2010-0438 CVE-2010-2080 CVE-2010-3476 CVE-2011-0456 otrs: multiple vulnerabilities [fedora-epel5] | ||
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Vincent Danen <vdanen> |
Component: | otrs | Assignee: | Nobody's working on this, feel free to take it <nobody> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | el5 | CC: | dtimms, extras-orphan, pahan, vanmeeuwen+fedora |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Release Note | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-01-29 17:49:41 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 563486, 607873, 635845, 688727 |
Description
Vincent Danen
2010-09-20 21:40:29 UTC
Adding CVE-2010-0438 to this tracker. Adding CVE-2011-0456 to this tracker. Since only EPEL-5 ships OTRS, and nothing else does, maybe it would be prudent to obsolete/remove this package? Looks like it's orphaned. Also note that our current otrs is vulnerable to the following additional CVEs: CVE-2008-7275, CVE-2008-7276, CVE-2008-7277, CVE-2008-7278, CVE-2008-7279, CVE-2008-7280, CVE-2008-7281, CVE-2008-7282, CVE-2008-7283, CVE-2009-5055, CVE-2009-5056, CVE-2009-5057, CVE-2010-4758, CVE-2010-4759, CVE-2010-4760, CVE-2010-4761, CVE-2010-4762, CVE-2010-4763, CVE-2010-4764, CVE-2010-4765, CVE-2010-4766, CVE-2010-4767, CVE-2010-4768, CVE-2011-1433 Looks like OTRS is no longer available in any repo, so closing this. |