Sicherheit: Cross-Site Scripting in php-horde-Horde--Weather
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in php-horde-Horde--Weather
ID: FEDORA-2015-a3c9048cdd
Distribution: Fedora
Plattformen: Fedora 23
Datum: Di, 29. Dezember 2015, 14:12
Referenzen: Keine Angabe
Applikationen: php-horde-Horde--Weather


Name        : php-horde-Horde-Service-Weather
Product : Fedora 23
Version : 2.3.1
Release : 1.fc23
URL : http://pear.horde.org
Summary : Horde Weather Provider
Description :
Set of classes that provide an abstraction to various online weather
service providers. Includes drivers for WeatherUnderground,
WorldWeatherOnline, and Google Weather.

Update Information:

**Horde_Core 2.22.4** * [mjr] SECURITY: Fix XSS in Horde_Core_VarRenderer_Html
(reported by Centurion Information Security). * [mjr] Support sending MDN via
ActiveSync (Request #23080). **Horde_Core 2.22.3** * [mjr] Fix issue with
synchronizing IMAP folder names that contain only numbers. **Horde_Perms
2.1.6** * [mjr] Use NULL instead of an empty string in the perms_parents field
for root permissions. **Horde_Service_Weather 2.3.1** * [jan] Fix undefined
variable warnings.

This update can be installed with the "yum" update program. Use
su -c 'yum update php-horde-Horde-Service-Weather' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten