((OTRS)) Community Edition Version 6.0.33 Released
Version 6.0.33 of ((OTRS)) Community Edition is now available.
This version comes with several security fixes, including a denial of service vulnerability that potentially allowed an attacker to cause a performance drop or even a complete crash of the system by sending a specially crafted e-mail message. This vulnerability has been discovered by Alberto Molina and reported by OTRS AG in security advisory OSA-2021-16.
- CKEditor updated from version 4.16.0 to version 4.17.1
(fixed several XSS vulnerabilities -- release information: CKEditor 4.17)
- jQuery UI updated from version 1.12.1 to version 1.13.0
(fixed several XSS vulnerabilities -- security advisories: GHSA-gpqq-952q-5327, GHSA-j7qv-pgf6-hvh4, GHSA-9gj3-hwp5-pmwc)
- Moment.js updated from version 2.18.1 to version 2.29.1
(fixed a ReDoS vulnerability -- release information: moment 2.19.3 changelog)
- Nunjucks updated from version 3.0.1 to version 3.2.3
(fixed a prototype pollution vulnerability -- issue description: #1331)
The new version is available for download in the Downloads section as a Shell Installer package, and as compressed source archives.