[Bug 252475] Re: Horde3 CVE-2008-3330 XSS
horde3 (3.1.3-4etch5) oldstable-security; urgency=high * Backport a patch from Horde upstream to fix an IE-only hole in XSS filter (See CVE-2008-5917 for more information). (Closes: #512592) * Backport a patch from Horde upstream to fix a file inclusion issue in Horde_Image driver name (Image/Image.php). (Closes: #513265) * Fix small XSS/unescaped output vulnerability in services/obrowser/index.php (see CVE-2008-3330 for more informations). (Closes: #492578) -- Gregory Colpart r...@debian.org Thu, 29 Jan 2009 03:17:37 +0100 ** Changed in: horde3 (Debian) Importance: Unknown = Undecided ** Changed in: horde3 (Debian) Status: Fix Committed = New ** Changed in: horde3 (Debian) Remote watch: Debian Bug tracker #492578 = None ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-3330 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-5917 ** Changed in: horde3 (Debian) Status: New = Fix Released -- Horde3 CVE-2008-3330 XSS https://bugs.launchpad.net/bugs/252475 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 252475] Re: Horde3 CVE-2008-3330 XSS
** Bug watch added: Debian Bug tracker #492578 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492578 -- Horde3 CVE-2008-3330 XSS https://bugs.launchpad.net/bugs/252475 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 252475] Re: Horde3 CVE-2008-3330 XSS
** Changed in: horde3 (Debian) Status: New = Fix Committed -- Horde3 CVE-2008-3330 XSS https://bugs.launchpad.net/bugs/252475 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 252475] Re: Horde3 CVE-2008-3330 XSS
** Changed in: horde3 (Debian) Status: Unknown = New -- Horde3 CVE-2008-3330 XSS https://bugs.launchpad.net/bugs/252475 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 252475] Re: Horde3 CVE-2008-3330 XSS
Only intrepid vulnerable. and fixed via Debian. Closing bug.. ** Changed in: horde3 (Ubuntu Intrepid) Status: In Progress = Fix Released -- Horde3 CVE-2008-3330 XSS https://bugs.launchpad.net/bugs/252475 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
