[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request - horde, imp
From: Tomas Hoger <thoger () redhat ! com>
Date: 2009-01-28 8:21:02
Message-ID: 20090128092102.56964ee1 () redhat ! com
[Download RAW message or body]
Hi!
New versions of horde and imp fix few security issues:
Horde 3.2.4 and 3.3.3:
* SECURITY: Fix unescaped output in the tag cloud block
* SECURITY: Fix unvalidated Horde_Image driver name
http://lists.horde.org/archives/announce/2009/000483.html
http://lists.horde.org/archives/announce/2009/000482.html
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.413.2.3&r2=1.515.2.413.2.5&ty=h
Patches:
http://cvs.horde.org/diff.php/horde/services/portal/cloud_search.php?r1=1.1.2.2&r2=1.1.2.2.4.1
http://cvs.horde.org/diff.php/framework/Image/Image.php?r1=1.39.10.17&r2=1.39.10.17.4.1
Further details:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513265
IMP 4.2.2 and 4.3.3:
http://lists.horde.org/archives/announce/2009/000484.html
http://lists.horde.org/archives/announce/2009/000485.html
http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.699.2.301.2.1&r2=1.699.2.301.2.4&ty=h
Patches:
http://cvs.horde.org/diff.php/imp/pgp.php?r1=2.79.6.15&r2=2.79.6.15.2.1
http://cvs.horde.org/diff.php/imp/smime.php?r1=2.48.4.12&r2=2.48.4.12.4.1
http://cvs.horde.org/diff.php/imp/message.php?r1=2.560.4.56&r2=2.560.4.56.4.1
Debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513266
--
Tomas Hoger / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic