Sicherheit: Cross-Site Scripting in php-horde-passwd
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in php-horde-passwd
ID: FEDORA-2015-46c331cb4e
Distribution: Fedora
Plattformen: Fedora 23
Datum: Mo, 2. November 2015, 23:08
Referenzen: Keine Angabe
Applikationen: php-horde-passwd


Name        : php-horde-passwd
Product : Fedora 23
Version : 5.0.4
Release : 1.fc23
URL : http://www.horde.org/apps/passwd
Summary : Horde password changing application
Description :
An application to change any user passwords stored in various backends like
SQL, LDAP, Kolab, passwd files etc.

Update Information:

**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various
pages. * [jan] Don't apply access keys to checkbox and radiobox rows in the
sidebar (Bug #14103). * [jan] Send correct MIME type for non-statically cached
javascript files. * [mjr] Added configuration support for version 2 of
WorldWeatherOnline's API. **ingo 3.2.7** * [jan] Update Italian
translation. * [mjr] Add database migration for fixing corrupt rule ordering. *
[mjr] Fix corruption of rule order when reordering rules in certain cases.
**imp 6.2.11** * [mjr] Request that the contacts API only consider email
when detecting duplicates during automatic saving of attendees to the address
book (Bug #14119). * [jan] Don't show 'Create Keys' button if
creating PGP keys
is disabled (steffen.hau@rz.uni-mannheim.de, Request #14096). * [mjr] Fix
displaying iTips with certain locale/date_format preference combinations (Bug
#14076). **passwd 5.0.4** * [mjr] Fix changing password using Kolab driver
(Mike Gabriel).

This update can be installed with the "yum" update program. Use
su -c 'yum update php-horde-passwd' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Neue Nachrichten