oss-sec mailing list archives
Re: CVE request - horde, imp
From: Ludwig Nussel <ludwig.nussel () suse de>
Date: Thu, 12 Mar 2009 11:19:18 +0100
Mitre was not in CC I guess the request got lost. Tomas Hoger wrote:
Hi! New versions of horde and imp fix few security issues: Horde 3.2.4 and 3.3.3: * SECURITY: Fix unescaped output in the tag cloud block * SECURITY: Fix unvalidated Horde_Image driver name http://lists.horde.org/archives/announce/2009/000483.html http://lists.horde.org/archives/announce/2009/000482.html http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.413.2.3&r2=1.515.2.413.2.5&ty=h Patches: http://cvs.horde.org/diff.php/horde/services/portal/cloud_search.php?r1=1.1.2.2&r2=1.1.2.2.4.1 http://cvs.horde.org/diff.php/framework/Image/Image.php?r1=1.39.10.17&r2=1.39.10.17.4.1 Further details: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513265 IMP 4.2.2 and 4.3.3: http://lists.horde.org/archives/announce/2009/000484.html http://lists.horde.org/archives/announce/2009/000485.html http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.699.2.301.2.1&r2=1.699.2.301.2.4&ty=h Patches: http://cvs.horde.org/diff.php/imp/pgp.php?r1=2.79.6.15&r2=2.79.6.15.2.1 http://cvs.horde.org/diff.php/imp/smime.php?r1=2.48.4.12&r2=2.48.4.12.4.1 http://cvs.horde.org/diff.php/imp/message.php?r1=2.560.4.56&r2=2.560.4.56.4.1 Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513266
-- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Current thread:
- CVE request - horde, imp Tomas Hoger (Jan 28)
- Re: CVE request - horde, imp Ludwig Nussel (Mar 12)
- Re: CVE request - horde, imp Steven M. Christey (Mar 17)
- Re: CVE request - horde, imp Ludwig Nussel (Mar 12)