Bug#361967: [pkg-horde] Bug#361967: Horde3 Vulnerability: CVE-2006-1491 remote arbitrary command execution
Hi I saw this morning that the upload has been accepted into sarge. Regards, // Ola On Wed, Apr 12, 2006 at 02:21:17PM +0200, Moritz Muehlenhoff wrote: > Lionel Elie Mamane wrote: > > tags 361967 +etch sarge security > > thanks > > > > On Tue, Apr 11, 2006 at 10:46:07AM -0300, Pedro Müller wrote: > > > > > See this: > > > http://www.securityfocus.com/bid/17292/info > > > > > Please, fix this or update to 3.0.10. > > > > An update has been submitted to the security team; I suppose they are > > going to release a security advisory and put the said update on the > > archive on security.debian.org anytime now. > > Umm, sorry, I was under the impression, that the update was still being > prepared. I'll check and upload tonight (European time). > > Cheers, > Moritz > > > ___ > pkg-horde-hackers mailing list > [EMAIL PROTECTED] > http://lists.alioth.debian.org/mailman/listinfo/pkg-horde-hackers > -- - Ola Lundqvist --- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://www.opal.dhs.org UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#361967: Horde3 Vulnerability: CVE-2006-1491 remote arbitrary command execution
Lionel Elie Mamane wrote: > tags 361967 +etch sarge security > thanks > > On Tue, Apr 11, 2006 at 10:46:07AM -0300, Pedro Müller wrote: > > > See this: > > http://www.securityfocus.com/bid/17292/info > > > Please, fix this or update to 3.0.10. > > An update has been submitted to the security team; I suppose they are > going to release a security advisory and put the said update on the > archive on security.debian.org anytime now. Umm, sorry, I was under the impression, that the update was still being prepared. I'll check and upload tonight (European time). Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#361967: Horde3 Vulnerability: CVE-2006-1491 remote arbitrary command execution
tags 361967 +etch sarge security thanks On Tue, Apr 11, 2006 at 10:46:07AM -0300, Pedro Müller wrote: > See this: > http://www.securityfocus.com/bid/17292/info > Please, fix this or update to 3.0.10. An update has been submitted to the security team; I suppose they are going to release a security advisory and put the said update on the archive on security.debian.org anytime now. If you wish to use the update we prepared before it is approved by the security team, you can take it from http://people.debian.org/~lmamane/horde/ . (That update is for Debian stable 3.1 sarge. Debian unstable sid is already fixed. Debian testing etch (the "beta version" of Debian 3.2) is going to get the update automatically in a few days. If you are running Debian testing etch, you can install the horde3 / imp4 / turba2 / ... packages from unstable sid. The "secure testing" team might want to consider pushing turba2 2.1-1 to etch prematurely, as it is blocking horde3 3.1.1-1 (the version that fixes this) to migrate to testing. > This is critical! Yes, it is. -- Lionel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]