Page MenuHomePhabricator

Upgrade to OTRS version 5.0.32
Closed, ResolvedPublic



There is a vulnerability introduced in 5.0.31 (we upgraded in T209184) that could potentially allow from privilege escalation. I 've audited the code in and we are not vulnerable as we haven't run the upgrade script since when we upgraded to OTRS 5.x.

That being said, we should upgrade anyway since patch level upgrades are easy and it would minimize confusion for SREs and volunteers

Event Timeline

Restricted Application added subscribers: Scoopfinder, Aklapper. · View Herald TranscriptNov 16 2018, 10:32 AM

Mentioned in SAL (#wikimedia-operations) [2018-11-16T10:39:00Z] <akosiaris> upgrade OTRS to 5.0.32 T209691

akosiaris triaged this task as Normal priority.Nov 16 2018, 10:49 AM
akosiaris closed this task as Resolved.

Upgrade done, resolving

akosiaris moved this task from Incoming to Resolved on the OTRS board.Jan 18 2019, 4:20 PM