Please see the latest OTRS security advisory, published today, at https://www.otrs.com/security-advisory-2015-02-scheduler-process-id-file-access/. We are currently running OTRS 3.2.14. The vulnerability is fixed in 3.2.18. In the past, @Jgreen has performed such security-related patch-level updates a few times, which all went flawless from what I remember.
Description
Description
Related Objects
Related Objects
- Mentioned Here
- T74109: Upgrade OTRS to a more recent stable release
Event Timeline
Comment Actions
We'll upgrade OTRS to a newer major release instead, as work for this was already underway when this security vulnerability appeared and the vulnerability is minor. That work is almost done and is being tracked with T74109.