Login
Newsletter
Werbung

Sicherheit: Cross-Site Scripting in php-horde-horde
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in php-horde-horde
ID: FEDORA-2015-a381facfd9
Distribution: Fedora
Plattformen: Fedora 21
Datum: Do, 5. November 2015, 08:46
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1277410
Applikationen: php-horde-horde

Originalnachricht

Name        : php-horde-horde
Product : Fedora 21
Version : 5.2.8
Release : 1.fc21
URL : http://www.horde.org/apps/horde
Summary : Horde Application Framework
Description :
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites. For
more information on Horde or the Horde Groupware suites, visit
http://www.horde.org.

-------------------------------------------------------------------------------
-
Update Information:

**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various
admin
pages. * [jan] Don't apply access keys to checkbox and radiobox rows in the
sidebar (Bug #14103). * [jan] Send correct MIME type for non-statically cached
javascript files. * [mjr] Added configuration support for version 2 of
WorldWeatherOnline's API. **ingo 3.2.7** * [jan] Update Italian
translation. * [mjr] Add database migration for fixing corrupt rule ordering. *
[mjr] Fix corruption of rule order when reordering rules in certain cases.
**imp 6.2.11** * [mjr] Request that the contacts API only consider email
fields
when detecting duplicates during automatic saving of attendees to the address
book (Bug #14119). * [jan] Don't show 'Create Keys' button if
creating PGP keys
is disabled (steffen.hau@rz.uni-mannheim.de, Request #14096). * [mjr] Fix
displaying iTips with certain locale/date_format preference combinations (Bug
#14076). **passwd 5.0.4** * [mjr] Fix changing password using Kolab driver
(Mike Gabriel).
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1277410 - php-horde-horde: Multiple CSRF vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1277410
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update php-horde-horde' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung