drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in php-horde-horde
Name: |
Zwei Probleme in php-horde-horde |
|
ID: |
FEDORA-2016-5d0e7f15ef |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 23 |
|
Datum: |
So, 21. Februar 2016, 23:32 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2228 |
|
Applikationen: |
Horde Application Framework |
|
Originalnachricht |
Name : php-horde-horde Product : Fedora 23 Version : 5.2.9 Release : 1.fc23 URL : http://www.horde.org/apps/horde Summary : Horde Application Framework Description : The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of production-level web applications, notably the Horde Groupware suites. For more information on Horde or the Horde Groupware suites, visit http://www.horde.org.
------------------------------------------------------------------------------- - Update Information:
**horde 5.2.9** * [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by few applications (Bug #14213). * [jan] Add more detailed user DN settings to Kolab group configuration (Request #11737). * [jan] Fix returning to last page after problem reporting from AJAX pages (Bug #12112). * [jan] Fix custom database configuration for groups (Bug #11664). * [jan] Use access rules compatible with both Apache 2.2 and 2.4. * [mjr] Fix reporting results for non- select queries in administrative sql shell (Bug #14216). ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1305597 - CVE-2015-8807 php-horde-Horde: Cross-site scripting in _renderVarInput_number https://bugzilla.redhat.com/show_bug.cgi?id=1305597 [ 2 ] Bug #1304397 - CVE-2016-2228 php-horde: reflected cross-site scripting https://bugzilla.redhat.com/show_bug.cgi?id=1304397 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-horde' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|