Sicherheit: Überschreiben von Dateien in php-horde-Horde-Form

Lesezeichen hinzufügen

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2020-d0288d8022
2020-03-16 20:26:14.979871
-------------------------------------------------------------------------------
-

Name : php-horde-Horde-Form
Product : Fedora 32
Version : 2.0.20
Release : 1.fc32
URL : http://pear.horde.org
Summary : Horde Form API
Description :
The Horde_Form package provides form rendering, validation, and other
functionality for the Horde Application Framework.

-------------------------------------------------------------------------------
-
Update Information:

**Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary
filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro
Zero Day Initiative).
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Mar 9 2020 Remi Collet <remi@remirepo.net> - 2.0.20-1
- update to 2.0.20
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> -
2.0.19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> -
2.0.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sat Feb 2 2019 Fedora Release Engineering <releng@fedoraproject.org> -
2.0.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 7 2019 Remi Collet <remi@remirepo.net> - 2.0.19-1
- update to 2.0.19
- use range dependencies
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> -
2.0.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-d0288d8022' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org