data/CVE/list

@@ -502,8 +502,13 @@ CVE-2019-12500 (The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing
 	NOT-FOR-US: Xiaomi M365 scooter
 CVE-2019-12498
 	RESERVED
-CVE-2019-12497
+CVE-2019-12497 [OSA-2019-09]
 	RESERVED
+	- otrs2 6.0.19-1
+	[stretch] - otrs2 <no-dsa> (Non-free not supported)
+	NOTE: https://community.otrs.com/security-advisory-2019-09-security-update-for-otrs-framework/
+	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/f8bcf08dfc5f06915c1352c07e5f626f9b5ecfc2
+	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4cc3f0e24937fa53870132003aec6af460b9b57
 CVE-2019-12496 (An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt  ...)
 	NOT-FOR-US: Hybrid Group Gobot
 CVE-2019-12495 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
@@ -1123,8 +1128,15 @@ CVE-2019-12250 (IdentityServer IdentityServer4 through 2.4 has stored XSS via th
 	NOT-FOR-US: IdentityServer
 CVE-2019-12249
 	RESERVED
-CVE-2019-12248
+CVE-2019-12248 [OSA-2019-08]
 	RESERVED
+	- otrs2 6.0.19-1
+	[stretch] - otrs2 <no-dsa> (Non-free not supported)
+	NOTE: https://community.otrs.com/security-advisory-2019-08-security-update-for-otrs-framework/
+	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/4e06ef439c33e7d90af16451719415c780e0c29c
+	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/0713999042e3ce7fa60067d3cd165206899224bf
+	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/edbc7371a52fc5d0032e934d2456b5f39da317f1
+	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/2d85ce89515db8e94b36ea8ba97f21e27aa66efd
 CVE-2019-12247 (** DISPUTED ** QEMU 3.0.0 has an Integer Overflow because the qga/comm ...)
 	- qemu <unfixed> (unimportant; bug #929365)
 	- qemu-kvm <removed> (unimportant)