Last modified: 2012-02-08 02:10:39 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T20344, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 18344 - Security vulnerability in OTRS software
Security vulnerability in OTRS software
Status: RESOLVED FIXED
Product: Wikimedia
Classification: Unclassified
OTRS (Other open bugs)
unspecified
All All
: High critical (vote)
: ---
Assigned To: Tim Starling
http://ticket.wikimedia.org
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-04-04 23:01 UTC by Jon
Modified: 2012-02-08 02:10 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Comment 1 NonvocalScream 2009-04-05 15:28:29 UTC
Reported upstream to the OTRS security contact.  I'll post here the result.  Also, I've informed TStarling of the upstream report, just in case this *is* a local configuration issue.
Comment 2 Jon 2009-04-05 16:41:20 UTC
Upstream per TStarling.
Comment 3 Gnu1742 2009-04-22 15:29:45 UTC
Could any information about the progress of this bug be posted on the otrs-wiki? This is a security-issue concerning the privacy of all OTRS-Agents, so a mere 'Resolved, Resolution Later' is a bit poor as the only progress within 2 weeks.
Comment 4 Brion Vibber 2011-11-29 20:30:15 UTC
What's the status on this?

I'd like to assume whatever it was got fixed, but... asking is better.

I would file a followup in the internal RT tracker, but my password appears to have been lost and there's no reset system so I can't get in.
Comment 5 Raimond Spekking 2011-11-29 20:36:36 UTC
Maybe it would help to update OTRS to the latest version *hides* It's on the xmas wishlist of the OTRS team.
Comment 6 Rob Lanphier 2012-02-08 02:00:54 UTC
Bumping up priority, though I'm not sure what the issue is since I don't currently have access to OTRS wiki.
Comment 7 Rob Lanphier 2012-02-08 02:10:39 UTC
...and after further investigation, it appears this one was fixed shortly after it was reported.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links