This update for otrs fixes the following security issues:

- CVE-2016-9139: execution of JavaScript in OTRS context by opening malicious attachment (OSA-2016-02, bsc#1008017)

In addition, OTRS was updated to 3.3.16, containing all upstream improvements and bug fixes.