Überschreiben von Dateien in php-horde-Horde-Form
ID: | FEDORA-2020-a55b70b4ab |
Distribution: | Fedora |
Plattformen: | Fedora 31 |
Datum: | Di, 17. März 2020, 14:41 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8866 |
Applikationen: | Horde Application Framework |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-a55b70b4ab 2020-03-17 01:35:47.482783 -------------------------------------------------------------------------------- Name : php-horde-Horde-Form Product : Fedora 31 Version : 2.0.20 Release : 1.fc31 URL : http://pear.horde.org Summary : Horde Form API Description : The Horde_Form package provides form rendering, validation, and other functionality for the Horde Application Framework. -------------------------------------------------------------------------------- Update Information: **Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro Zero Day Initiative). -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 9 2020 Remi Collet |