horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low
* fake sync from Debian
horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high
* Non-maintainer upload by the security team
* Fix several cross-site scripting vulnerabilities via crafted number
preferences or inline MIME text parts when using text/plain as MIME
type (horde ticket #8311 and #8399) (Issue was fixed in the previous
version, but adjusting the conffile was missing)
Fixes: CVE-2009-3237
* Fix cross-site scripting vulnerability via data:text/html values in
an HTML email message (horde ticket #8715)
Fixes: CVE-2009-4363
* Fix several cross-site scripting vulnerabilities via the PATH_INFO
variable due to use of the PHP_SELF variable
Fixes: CVE-2009-3701
Date: Tue, 19 Jan 2010 09:32:57 -0600
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Maintainer: Horde Maintainers <pkg-horde-hack...@lists.alioth.debian.org>
https://launchpad.net/ubuntu/jaunty/+source/horde3/3.2.2+debian0-2+lenny2build0.9.04.1
Format: 1.8
Date: Tue, 19 Jan 2010 09:32:57 -0600
Source: horde3
Binary: horde3
Architecture: source
Version: 3.2.2+debian0-2+lenny2build0.9.04.1
Distribution: jaunty-security
Urgency: high
Maintainer: Horde Maintainers <pkg-horde-hack...@lists.alioth.debian.org>
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Description:
horde3 - horde web application framework
Changes:
horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low
.
* fake sync from Debian
.
horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix several cross-site scripting vulnerabilities via crafted number
preferences or inline MIME text parts when using text/plain as MIME
type (horde ticket #8311 and #8399) (Issue was fixed in the previous
version, but adjusting the conffile was missing)
Fixes: CVE-2009-3237
* Fix cross-site scripting vulnerability via data:text/html values in
an HTML email message (horde ticket #8715)
Fixes: CVE-2009-4363
* Fix several cross-site scripting vulnerabilities via the PATH_INFO
variable due to use of the PHP_SELF variable
Fixes: CVE-2009-3701
Checksums-Sha1:
39e310b6c4c4e8c846980afd86eb9019005caa03 1440
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
f86aafe6e384f207743e5132cef515fa5e8b9c44 28150
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
Checksums-Sha256:
0cec11ec2fa9f77ee6cf08acd91d51179435a5d6da84ef9a0a33e68d4605a3e3 1440
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
8e4c5a2edbbe1cc543c70744210c7d26d48e667ef5ac8e620696a74b6f670c69 28150
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
Files:
346fd3f01125b4a9adddb73e195a7e07 1440 web optional
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
679113aab6340a160e5ef8b20422b53e 28150 web optional
horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
--
Jaunty-changes mailing list
Jaunty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/jaunty-changes
