horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low * fake sync from Debian
horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix several cross-site scripting vulnerabilities via crafted number preferences or inline MIME text parts when using text/plain as MIME type (horde ticket #8311 and #8399) (Issue was fixed in the previous version, but adjusting the conffile was missing) Fixes: CVE-2009-3237 * Fix cross-site scripting vulnerability via data:text/html values in an HTML email message (horde ticket #8715) Fixes: CVE-2009-4363 * Fix several cross-site scripting vulnerabilities via the PATH_INFO variable due to use of the PHP_SELF variable Fixes: CVE-2009-3701 Date: Tue, 19 Jan 2010 09:32:57 -0600 Changed-By: Jamie Strandboge <ja...@ubuntu.com> Maintainer: Horde Maintainers <pkg-horde-hack...@lists.alioth.debian.org> https://launchpad.net/ubuntu/jaunty/+source/horde3/3.2.2+debian0-2+lenny2build0.9.04.1
Format: 1.8 Date: Tue, 19 Jan 2010 09:32:57 -0600 Source: horde3 Binary: horde3 Architecture: source Version: 3.2.2+debian0-2+lenny2build0.9.04.1 Distribution: jaunty-security Urgency: high Maintainer: Horde Maintainers <pkg-horde-hack...@lists.alioth.debian.org> Changed-By: Jamie Strandboge <ja...@ubuntu.com> Description: horde3 - horde web application framework Changes: horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low . * fake sync from Debian . horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high . * Non-maintainer upload by the security team * Fix several cross-site scripting vulnerabilities via crafted number preferences or inline MIME text parts when using text/plain as MIME type (horde ticket #8311 and #8399) (Issue was fixed in the previous version, but adjusting the conffile was missing) Fixes: CVE-2009-3237 * Fix cross-site scripting vulnerability via data:text/html values in an HTML email message (horde ticket #8715) Fixes: CVE-2009-4363 * Fix several cross-site scripting vulnerabilities via the PATH_INFO variable due to use of the PHP_SELF variable Fixes: CVE-2009-3701 Checksums-Sha1: 39e310b6c4c4e8c846980afd86eb9019005caa03 1440 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc f86aafe6e384f207743e5132cef515fa5e8b9c44 28150 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz Checksums-Sha256: 0cec11ec2fa9f77ee6cf08acd91d51179435a5d6da84ef9a0a33e68d4605a3e3 1440 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc 8e4c5a2edbbe1cc543c70744210c7d26d48e667ef5ac8e620696a74b6f670c69 28150 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz Files: 346fd3f01125b4a9adddb73e195a7e07 1440 web optional horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc 679113aab6340a160e5ef8b20422b53e 28150 web optional horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
-- Jaunty-changes mailing list Jaunty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/jaunty-changes