Hi,
On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> P.S. Please mention such fixes as security fixes in the
> changelog next time so we can get them easier on our
> radars.
It will be on next upload in unstable:
http://arch.debian.org/cgi-bin/archzoom.cgi/[EMAIL
PROTECTED]/horde-
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 18:49]:
> On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> > > > I can't see an old CVE id describing this problem, is a new CVE
> > > > id needed for this one?
> > >
> > > There is no CVE id for it. I'm not sure Debian nee
Hi,
On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> > > I can't see an old CVE id describing this problem, is a new CVE
> > > id needed for this one?
> >
> > There is no CVE id for it. I'm not sure Debian needs a new CVE id
> > because upstream said only Horde 3.2 and Turba 2.2 are
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 16:42]:
> On Sun, Jul 27, 2008 at 03:31:37PM +0200, Nico Golde wrote:
> > Which version did fix this?
>
> 3.2.1+debian0-1 fixed it.
Thanks
> > I can't see an old CVE id describing this problem, is a new CVE
> > id needed for this one?
Hi,
On Sun, Jul 27, 2008 at 03:31:37PM +0200, Nico Golde wrote:
> This seems to be already fixed in unstable.
Yes, sure! This issue is only for etch.
> Which version did fix this?
3.2.1+debian0-1 fixed it.
> I can't see an old CVE id describing this problem, is a new CVE
> id needed for this
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 15:23]:
> There is a small XSS/unescaped output (only exploitable by
> someone who can create a contact, and requiring the victim to
> have access to that contact).
[...]
This seems to be already fixed in unstable. Which version
did fi
Package: horde3
Version: 3.1.3-4etch3
Severity: important
Tags: patch security
Hello,
There is a small XSS/unescaped output (only exploitable by
someone who can create a contact, and requiring the victim to
have access to that contact).
Patch inline:
Index: services/obrowser/index.php
=
7 matches
Mail list logo