Hello,
during the DB upgrade script, i have that error:
[otrs@helpdesk]$ scripts/DBUpdate-to-6.pl
Migration started ...
Checking requirements ...
Requirement check for: Check framework version ...
Requirement check for: Check required Perl version ...
Requirement check for: Check required database version ...
Requirement check for: Check database charset ...
Requirement check for: Check required Perl modules ...
Requirement check for: Check if database has been backed up ...
Did you backup the database? [Y]es/[N]o: y
Requirement check for: Upgrade database structure ...
Requirement check for: Migrating time zone configuration ...
The currently configured time offset is 2 hours, these are the suggestions for a corresponding OTRS time zone:
Africa/Cairo
Africa/Ceuta
Africa/Johannesburg
Africa/Khartoum
Africa/Maputo
Africa/Tripoli
Africa/Windhoek
Antarctica/Troll
CET
Europe/Amsterdam
Europe/Andorra
Europe/Belgrade
Europe/Berlin
Europe/Brussels
Europe/Budapest
Europe/Copenhagen
Europe/Gibraltar
Europe/Kaliningrad
Europe/Luxembourg
Europe/Madrid
Europe/Malta
Europe/Monaco
Europe/Oslo
Europe/Paris
Europe/Prague
Europe/Rome
Europe/Stockholm
Europe/Tirane
Europe/Vienna
Europe/Warsaw
Europe/Zurich
MET
It seems that Europe/Rome should be the correct time zone to set for your OTRS.
Enter the time zone to use for OTRSTimeZone (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for UserDefaultTimeZone (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar1 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar2 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar3 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar4 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar5 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar6 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar7 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar8 (leave empty to show a list of all available time zones): Europe/Rome
Enter the time zone to use for TimeZone::Calendar9 (leave empty to show a list of all available time zones): Europe/Rome
Requirement check for: Update calendar appointment future tasks ...
Requirement check for: Migrate GenericAgent jobs configuration ...
Requirement check for: Migrate TicketAppointment rules configuration ...
Requirement check for: Create entries in new article table ...
Requirement check for: Migrate ArticleType in ProcessManagement Data ...
Requirement check for: Migrate ArticleType in PostMaster filters ...
Executing tasks ...
Step 1 of 44: Check framework version ...
Step 2 of 44: Check required Perl version ...
Step 3 of 44: Check required database version ...
Step 4 of 44: Check database charset ...
Step 5 of 44: Check required Perl modules ...
Step 6 of 44: Check installed CPAN modules for known vulnerabilities ...
Collecting all installed modules. This can take a while...
Archive-Tar (requires 1.92) has 1 advisories
* CPANSA-Archive-Tar-2018-01
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Affected range: <2.28
CVEs: CVE-2018-12015
References:
https://security-tracker.debian.org/tra ... 2018-12015
https://github.com/jib/archive-tar-new/ ... 68215c1fc5
Archive-Zip (requires 1.30) has 1 advisories
* CPANSA-Archive-Zip-2018-01
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
Affected range: <1.61
CVEs: CVE-2018-10860
References:
https://security-tracker.debian.org/tra ... 2018-10860
https://github.com/redhotpenguin/perl-A ... ip/pull/33
Compress-Raw-Zlib (requires 2.061) has 1 advisories
* CPANSA-Compress-Raw-Zlib-2017-01
Zlib vulnerabilities.
Affected range: <2.075
Fixed range: >=2.075
CVEs: CVE-2016-9843, CVE-2016-9841, CVE-2016-9840, CVE-2016-9842
References:
https://metacpan.org/changes/distributi ... s-Raw-Zlib
DBD-mysql (requires 4.023) has 7 advisories
* CPANSA-DBD-mysql-2017-02
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples.
Affected range: <4.044
Fixed range: >=4.044
CVEs: CVE-2017-10788
References:
https://github.com/perl5-dbi/DBD-mysql/issues/120
* CPANSA-DBD-mysql-2017-01
The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be encrypted" statement), which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.
Affected range: <4.044
Fixed range: >=4.044
CVEs: CVE-2017-10789
References:
https://github.com/perl5-dbi/DBD-mysql/pull/114
* CPANSA-DBD-mysql-2016-03
Out-of-bounds read.
Affected range: >=2.9003, <4.039
Fixed range: <2.9003, >=4.039
CVEs: CVE-2016-1249
References:
https://github.com/perl5-dbi/DBD-mysql/ ... 995a6fbabe
* CPANSA-DBD-mysql-2016-02
Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.
Affected range: <4.037
Fixed range: >=4.037
CVEs: CVE-2016-1246
References:
https://github.com/perl5-dbi/DBD-mysql/ ... e85dfdefd2
http://blogs.perl.org/users/mike_b/2016 ... brary.html
* CPANSA-DBD-mysql-2016-01
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Affected range: <4.034
Fixed range: >=4.034
CVEs: CVE-2015-8949
References:
https://github.com/perl5-dbi/DBD-mysql/ ... 81460ca156
* CPANSA-DBD-mysql-2015-01
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
Affected range: <4.041
Fixed range: >=4.041
CVEs: CVE-2016-1251
References:
https://github.com/perl5-dbi/DBD-mysql/ ... 4832adb1b1
* CPANSA-DBD-mysql-2014-01
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Affected range: <4.028
Fixed range: >=4.028
CVEs: CVE-2014-9906
References:
https://github.com/perl5-dbi/DBD-mysql/ ... 41ccccf1cc
https://rt.cpan.org/Public/Bug/Display.html?id=97625
DBI (requires 1.627) has 1 advisories
* CPANSA-DBI-2014-01
DBD::File drivers open files from folders other than specifically passed using the f_dir attribute.
Affected range: <1.632
Fixed range: >=1.632
References:
https://metacpan.org/changes/distribution/DBI
https://rt.cpan.org/Public/Bug/Display.html?id=99508
Data-Dumper (requires 2.145) has 1 advisories
* CPANSA-Data-Dumper-2014-01
Infinite recursion.
Affected range: <2.154
Fixed range: >=2.154
CVEs: CVE-2014-4330
References:
https://metacpan.org/changes/distribution/Data-Dumper
Encode (requires 2.51) has 1 advisories
* CPANSA-Encode-2016-01
Loading optional modules from . (current directory).
Affected range: <2.85
Fixed range: >=2.85
CVEs: CVE-2016-1238
References:
https://metacpan.org/changes/distribution/Encode
https://github.com/dankogai/p5-encode/p ... 0dc0993ec6
ExtUtils-MakeMaker (requires 6.68) has 1 advisories
* CPANSA-ExtUtils-MakeMaker-2016-01
Loading modules from . (current directory).
Affected range: <7.22
Fixed range: >=7.22
CVEs: CVE-2016-1238
References:
https://metacpan.org/changes/distributi ... -MakeMaker
https://github.com/Perl-Toolchain-Gang/ ... c390e0ae88
File-Path (requires 2.09) has 1 advisories
* CPANSA-File-Path-2017-01
Race condition in the rmtree and remove_tree functions allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
Affected range: <2.13
Fixed range: >=2.13
CVEs: CVE-2017-6512
References:
https://metacpan.org/changes/distribution/File-Path
https://github.com/jkeenan/File-Path/co ... 552b3a6af2
HTTP-Tiny (requires 0.033) has 1 advisories
* CPANSA-HTTP-Tiny-2016-01
Loading modules from . (current directory).
Affected range: <0.059
Fixed range: >=0.059
CVEs: CVE-2016-1238
References:
https://metacpan.org/changes/distribution/HTTP-Tiny
https://github.com/chansen/p5-http-tiny ... 1df6e66444
PathTools (requires 3.40) has 2 advisories
* CPANSA-PathTools-2016-02
Does not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.
Affected range: <3.65
Fixed range: >=3.65
CVEs: CVE-2016-1238
References:
https://metacpan.org/changes/distribution/PathTools
* CPANSA-PathTools-2016-01
Does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
Affected range: <3.62
Fixed range: >=3.62
CVEs: CVE-2015-8607
References:
https://metacpan.org/changes/distribution/PathTools
Storable (requires 2.45) has 1 advisories
* CPANSA-Storable-2017-01
Malcrafted storable files or buffers.
Affected range: <3.05
Fixed range: >=3.05
References:
https://metacpan.org/changes/distribution/Storable
https://cxsecurity.com/issue/WLB-2007120031
XML-LibXML (requires 2.0018) has 1 advisories
* CPANSA-XML-LibXML-2015-01
The _clone function does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
Affected range: <2.0120
Fixed range: >=2.0120
CVEs: CVE-2015-3451
References:
https://metacpan.org/changes/distribution/XML-LibXML
Total advisories found: 20
WARNING: CPAN::Audit reported that one or more installed CPAN modules have known vulnerabilities (see above). Please note that there might be false positives for distributions patching Perl modules without changing their version number.
Step 7 of 44: Check if database has been backed up ...
Step 8 of 44: Upgrade database structure ...
[Wed Oct 6 15:27:43 2021] DBUpdate-to-6.pl: DBD::mysql::db do failed: Incorrect string value: '\xC5\x91rizz...' for column 'text' at row 1 at /opt/otrs/Kernel/System/DB.pm line 471.
ERROR: OTRS-otrs.Console.pl-Dev::Code::CPANAudit-10 Perl: 5.16.3 OS: linux Time: Wed Oct 6 13:27:43 2021
Message: Incorrect string value: '\xC5\x91rizz...' for column 'text' at row 1, SQL: 'INSERT INTO notification_event_message (id, notification_id, content_type, language, subject, text)
VALUES
(111, 45, 'text/plain', 'hu', 'E-mail kézbesÃtési hiba', 'Kedves <OTRS_NOTIFICATION_RECIPIENT_UserFirstname>!
FelhÃvjuk a figyelmét, hogy a(z) [<OTRS_CONFIG_Ticket::Hook><OTRS_CONFIG_Ticket::HookDivider><OTRS_TICKET_TicketNumber>] jegy e-mail bejegyzésének kézbesÃtése nem sikerült. EllenÅ�rizze, hogy nincs-e a cÃmzett e-mail cÃmében hiba, és próbálja meg újra. Kézileg is újraküldheti a bejegyzést a jegybÅ�l, ha szükséges.
Hibaüzenet:
<OTRS_AGENT_TransmissionStatusMessage>
<OTRS_CONFIG_HttpType>://<OTRS_CONFIG_FQDN>/<OTRS_CONFIG_ScriptAlias>index.pl?Action=AgentTicketZoom\;TicketID=<OTRS_TICKET_TicketID>\;ArticleID=<OTRS_AGENT_ArticleID>
-- <OTRS_CONFIG_NotificationSenderName>')'
Traceback (2875):
Module: scripts::DBUpdateTo6::Base::ExecuteXMLDBString Line: 395
Module: scripts::DBUpdateTo6::Base::ExecuteXMLDBArray Line: 343
Module: scripts::DBUpdateTo6::UpgradeDatabaseStructure::UpdateNotificationTables::Run Line: 192
Module: scripts::DBUpdateTo6::UpgradeDatabaseStructure::Run Line: 143
Module: scripts::DBUpdateTo6::_ExecuteComponent Line: 158
Module: scripts::DBUpdateTo6::Run Line: 70
Module: scripts/DBUpdate-to-6.pl Line: 88
ERROR: OTRS-otrs.Console.pl-Dev::Code::CPANAudit-10 Perl: 5.16.3 OS: linux Time: Wed Oct 6 13:27:43 2021
Message: Error during execution of 'INSERT INTO notification_event_message (id, notification_id, content_type, language, subject, text)
VALUES
(111, 45, 'text/plain', 'hu', 'E-mail kézbesítési hiba', 'Kedves <OTRS_NOTIFICATION_RECIPIENT_UserFirstname>!
Felhívjuk a figyelmét, hogy a(z) [<OTRS_CONFIG_Ticket::Hook><OTRS_CONFIG_Ticket::HookDivider><OTRS_TICKET_TicketNumber>] jegy e-mail bejegyzésének kézbesítése nem sikerült. Ellenőrizze, hogy nincs-e a címzett e-mail címében hiba, és próbálja meg újra. Kézileg is újraküldheti a bejegyzést a jegyből, ha szükséges.
Hibaüzenet:
<OTRS_AGENT_TransmissionStatusMessage>
<OTRS_CONFIG_HttpType>://<OTRS_CONFIG_FQDN>/<OTRS_CONFIG_ScriptAlias>index.pl?Action=AgentTicketZoom\;TicketID=<OTRS_TICKET_TicketID>\;ArticleID=<OTRS_AGENT_ArticleID>
-- <OTRS_CONFIG_NotificationSenderName>')'!
Traceback (2875):
Module: scripts::DBUpdateTo6::Base::ExecuteXMLDBString Line: 398
Module: scripts::DBUpdateTo6::Base::ExecuteXMLDBArray Line: 343
Module: scripts::DBUpdateTo6::UpgradeDatabaseStructure::UpdateNotificationTables::Run Line: 192
Module: scripts::DBUpdateTo6::UpgradeDatabaseStructure::Run Line: 143
Module: scripts::DBUpdateTo6::_ExecuteComponent Line: 158
Module: scripts::DBUpdateTo6::Run Line: 70
Module: scripts/DBUpdate-to-6.pl Line: 88
Not possible to complete migration, check previous messages for more information.
[otrs@helpdesk]$
Any ideas?
OTRS upgrade from 5 to 6 - strange error [Solved]
Moderator: crythias
OTRS upgrade from 5 to 6 - strange error [Solved]
Last edited by lando on 06 Oct 2021, 18:06, edited 1 time in total.
Re: OTRS upgrade from 5 to 6 - strange error "Update"
Update:
I tried to re-launch the script migrator like "su -c "/opt/otrs/scripts/DBUpdate-to-6.pl" otrs" and the erro was change:
Step 7 of 44: Check if database has been backed up ...
Step 8 of 44: Upgrade database structure ...
Step 9 of 44: Migrate configuration ...
Step 10 of 44: Refresh configuration cache after migration of OTRS 5 settings ...
Step 11 of 44: Migrating ticket storage configuration ...
Step 12 of 44: Migrating article search index configuration ...
Step 13 of 44: Migrating ticket zoom customer information widget configuration ...
Step 14 of 44: Drop deprecated table gi_object_lock_state ...
Step 15 of 44: Migrate PossibleNextActions setting ...
Step 16 of 44: Migrate ZoomExpand setting ...
Step 17 of 44: Migrating time zone configuration ...
Step 18 of 44: Migrating modified settings ...
Step 19 of 44: Create appointment calendar tables ...
Step 20 of 44: Create ticket number counter tables ...
Step 21 of 44: Update calendar appointment future tasks ...
Step 22 of 44: Add basic appointment notification for reminders ...
ERROR: OTRS-otrs.Console.pl-Dev::Code::CPANAudit-10 Perl: 5.16.3 OS: linux Time: Wed Oct 6 15:32:59 2021
Message: A notification with the name 'Appointment reminder notification' already exists.
Traceback (2921):
Module: Kernel::System::NotificationEvent::NotificationAdd Line: 311
Module: scripts::DBUpdateTo6::AddAppointmentCalendarNotification::Run Line: 163
Module: scripts::DBUpdateTo6::_ExecuteComponent Line: 158
Module: scripts::DBUpdateTo6::Run Line: 70
Module: /opt/otrs/scripts/DBUpdate-to-6.pl Line: 88
Not possible to complete migration, check previous messages for more information.
[root@helpdesk]#
I tried to re-launch the script migrator like "su -c "/opt/otrs/scripts/DBUpdate-to-6.pl" otrs" and the erro was change:
Step 7 of 44: Check if database has been backed up ...
Step 8 of 44: Upgrade database structure ...
Step 9 of 44: Migrate configuration ...
Step 10 of 44: Refresh configuration cache after migration of OTRS 5 settings ...
Step 11 of 44: Migrating ticket storage configuration ...
Step 12 of 44: Migrating article search index configuration ...
Step 13 of 44: Migrating ticket zoom customer information widget configuration ...
Step 14 of 44: Drop deprecated table gi_object_lock_state ...
Step 15 of 44: Migrate PossibleNextActions setting ...
Step 16 of 44: Migrate ZoomExpand setting ...
Step 17 of 44: Migrating time zone configuration ...
Step 18 of 44: Migrating modified settings ...
Step 19 of 44: Create appointment calendar tables ...
Step 20 of 44: Create ticket number counter tables ...
Step 21 of 44: Update calendar appointment future tasks ...
Step 22 of 44: Add basic appointment notification for reminders ...
ERROR: OTRS-otrs.Console.pl-Dev::Code::CPANAudit-10 Perl: 5.16.3 OS: linux Time: Wed Oct 6 15:32:59 2021
Message: A notification with the name 'Appointment reminder notification' already exists.
Traceback (2921):
Module: Kernel::System::NotificationEvent::NotificationAdd Line: 311
Module: scripts::DBUpdateTo6::AddAppointmentCalendarNotification::Run Line: 163
Module: scripts::DBUpdateTo6::_ExecuteComponent Line: 158
Module: scripts::DBUpdateTo6::Run Line: 70
Module: /opt/otrs/scripts/DBUpdate-to-6.pl Line: 88
Not possible to complete migration, check previous messages for more information.
[root@helpdesk]#
Re: OTRS upgrade from 5 to 6 - strange error [Solved]
I tried to choice "UTC" time zone instead of "Europe/Rome" during the "su -c "/opt/otrs/scripts/DBUpdate-to-6.pl otrs" and the migration work fine!