Release Note

OTRS 8 Patch Level 20

March 21, 2022 — OTRS Group, the world’s leading provider of the OTRS service management suite, including the fully managed OTRS solution and the ITIL® 4-compliant IT service management software OTRS::ITSM, today announces the first release of the OTRS 8 patch level 20.


Important for Upgrading

This release contains a security improvement and the old behaviour has been changed. Please read the related chapter in our documentation: Allow Program Safe to Run.


  • Updated translations, thanks to all translators.
  • Fixed npm audit issues.
  • Improved performance in ticket BOL for systems with high amount of dynamic fields.
  • Added migration for AgentFrontend::CustomerUser::QuickCreateAction###0001-Framework setting and improved value type QuickCreateAction.
  • Enhance appointment backend to ensure the improvements for the package ‘OTRSCustomerEventTicketCalendar’.
  • Included linked time zones as valid time zones.
  • Improved internal handling of emitting events for browser notifications.
  • Added new console command Maint::VirtualFS::Delete to remove entries in the VirtualFS database tables as well as in the file system.
  • Removed object names in headings. The heading now contains only the amount of found objects (e.g. “(5)” instead of “(5 Tickets)”).


Bug Fixes

  • Authentication modules with PreAuth flag are not working anymore.
  • Ticket follow-up notifications do not get triggered via web service.
  • Settings in the system configuration are not checked for vulnerable commands.
  • High amount of not used data is sent to ticket detail view in the external frontend.
  • Not possible to send mail without email security option if default sign key is set for queue.
  • Typed text in a filter is deleted due to some kind of refresh in a dashboard widget.
  • OTRS web server runs into timeout during migration.
  • Disabled CustomerCompanySupport does not work properly.
  • Configuring a mini admin breaks the admin panel.
  • Session logged out when trying to add S/MIME certificate to customer user in agent frontend.
  • Overlay for the main menu is not working correctly and is mixed up with input fields of e.g. ticket create screens.
  • Inline editing causes severe performance issues. This was achieved by improving the ACL backend (thanks to Stefan Bedorf) and introducing some tweaks for the inline editing functionality.
  • Tooltips not available if a touchscreen device is used.
  • Category is displayed twice in service catalogue.
  • Layout problems with language chooser and side menu in the service catalogue.
  • Usability of resource planning widget is not optimized for dark styles.
  • Title and text of image teasers is overlapping each other.
  • Internet Explorer 11 does not display logo in agent interface correctly.
  • Links in knowledge base articles are not styled correctly.
  • Text in subject and message field is shown in lower contrast when the field is focused.
  • Change of setting Ticket::Frontend::TimeUnits is not shown on agent interface.
  • Dark style hides useful controls in datepicker and dropdown fields.
  • Cancel button to delete a draft disappeared by using the high contrast skin.
  • Images for knowledge base articles are all displayed in the same size in the external interface.
  • Headlines in the chat overview are hard to read.
  • Link for tabs is getting invisible if using high contrast skin.
  • Ticket list export performance issue.
  • Reply via note with customer attachment falsely forwards the attachment.
  • It is possible to add new customer users to invalid customer companies.
  • Missing index in search profiles causes slow queries.
  • Dynamic field database can’t be emptied once a value is set.
  • GenericAgent management screen is not loading and consumes whole physical memory if a lot of dynamic fields exists.
  • High amount of S/MIME certificates has significant impact on decrypt performance.
  • Merging tickets with themselves is possible.
  • Dynamic field database can’t be emptied once a value is set.
  • Month selection still showing after reopening the datepicker.
  • Inconsistent syntax for link feature in dynamic fields.
  • Expanding all articles in the communication widgets does not mark articles as read.
  • Robots.txt allows wrong path and can not be retrieved via browser.
  • Subqueues are not categorized and not collapsed inside the move ticket action.
  • Fields are limited in their width and displayed values are cut off.
  • Column titles not being translated.
  • Tooltip for a failed sending of an e-mail does not contain all information due to bad formatting.
  • Process description is partly hidden if description is very long.
  • Browser trust feature is not working correctly if session is getting invalid.
  • Bearer token is missing in REST API documentation for logout endpoint.
  • Accounted time for articles is always shown because ExternalFrontend::TicketDetailView###AccountedTimeDisplay setting is not respected.
  • Ticket title is cut off.
  • Modal dialog to delete a knowledge base articles is shown out of range and is therefore not usable.
  • Translation for services is not working as expected.
  • Opening a link in the external interface leads to an error page if the user was not logged in before.
  • Changed the styling for the CommonDateTime component.
  • Long service names are no longer cut off in the properties card.
  • Adds process information parameters for the form.
  • Dynamic Field of type Textarea is limited to 3.800 characters in GUI.
  • Improved generic notification and custom ticket module handling.
  • Timing of setting the authentication cookie is not reliable.
  • Dynamic field of type Contact with data is not visible in the ticket split screen.
  • Improved Sendmail binary handling.
  • Setting two or more queues for the ticket KPI functionality does not work.
  • Selection of unavailable agents is possible in chat invitation screen.
  • Responsible field contains invalid values.
  • Symbol of OTRSPrimarySecondary enlarged over the whole screen of a ticket list.
  • Users which are not member of the users group are not displayed in the people widget.
  • After the session timeout is reached, original links in open tabs are replaced by link to the dashboard. This also fixes Ticket#2021032642000597 – Original URL lost after redirect during login with HTTPBasicAuth.
  • Possible XSS attack via translation.
  • Ticket notifications are incorrectly saved in the user preferences.
  • OTRS log contains error messages for not found customer users.
  • Date values are not readable in filter sections of lists if space is very limited.
  • Position of chat button is reset to the right side after conversation has started.
  • Search window does not scale correctly if size of browser window is changed.
  • Activity dialog contains twice short and long description in external interface.
  • Ticket create icons are available in customer/customer user BOLs/BODVs without having permissions.
  • User details containing special characters (i.e. umlauts) are not shown properly when fetched from LDAP.
  • Uploaded attachments are deleted in outgoing mails by using text templates.
  • Tickets can’t be unlocked by responsible.
  • RPC operation could not be used if assignments of users to groups is done via roles.
  • Dynamic field of type Textarea adds HTML tags to the process body text.


Browser Support

  • JavaScript is required to use OTRS.

We recommend to use the latest version of your browser, because it has the best JavaScript and rendering performance. Dramatical performance varieties between the used browsers can occur with big data or big systems. We are happy to consult you on that matter.


  • OTRS 9 will not support Internet Explorer anymore.
  • OTRS 9 will not support Oracle as application database anymore.


OTRS Group managed customers who are using product versions that are reaching end of maintenance and support must be updated by our Customer Solution Team by scheduling an individual maintenance appointment in order to continue receiving necessary releases and support. OTRS On-Premise customers must obtain a newer product version by ordering our migration services.

Release Details

  • Release name:
    OTRS 8 Patch Level 20
  • Release date:
  • Release type:
    patch level