Login
Newsletter
Werbung

Sicherheit: Cross-Site Scripting in php-horde-imp
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in php-horde-imp
ID: FEDORA-2015-37090f89d8
Distribution: Fedora
Plattformen: Fedora 22
Datum: Do, 5. November 2015, 08:44
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1277410
Applikationen: IMP

Originalnachricht

Name        : php-horde-imp
Product : Fedora 22
Version : 6.2.11
Release : 1.fc22
URL : http://www.horde.org/apps/imp
Summary : A web based webmail system
Description :
IMP, the Internet Mail Program, is one of the most popular and widely
deployed open source webmail applications in the world. It allows
universal, web-based access to IMAP and POP3 mail servers and provides
Ajax, mobile and traditional interfaces with a rich range of features
normally found only in desktop email clients.

-------------------------------------------------------------------------------
-
Update Information:

**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various
admin
pages. * [jan] Don't apply access keys to checkbox and radiobox rows in the
sidebar (Bug #14103). * [jan] Send correct MIME type for non-statically cached
javascript files. * [mjr] Added configuration support for version 2 of
WorldWeatherOnline's API. **ingo 3.2.7** * [jan] Update Italian
translation. * [mjr] Add database migration for fixing corrupt rule ordering. *
[mjr] Fix corruption of rule order when reordering rules in certain cases.
**imp 6.2.11** * [mjr] Request that the contacts API only consider email
fields
when detecting duplicates during automatic saving of attendees to the address
book (Bug #14119). * [jan] Don't show 'Create Keys' button if
creating PGP keys
is disabled (steffen.hau@rz.uni-mannheim.de, Request #14096). * [mjr] Fix
displaying iTips with certain locale/date_format preference combinations (Bug
#14076). **passwd 5.0.4** * [mjr] Fix changing password using Kolab driver
(Mike Gabriel).
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1277410 - php-horde-horde: Multiple CSRF vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1277410
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update php-horde-imp' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung