Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-08-16 Thread Gregory Colpart
Hi,

On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> P.S. Please mention such fixes as security fixes in the
> changelog next time so we can get them easier on our
> radars.

It will be on next upload in unstable:
http://arch.debian.org/cgi-bin/archzoom.cgi/[EMAIL PROTECTED]/horde-

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Nico Golde
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 18:49]:
> On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> > > > I can't see an old CVE id describing this problem, is a new CVE
> > > > id needed for this one?
> > >
> > > There is no CVE id for it. I'm not sure Debian nee

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Gregory Colpart
Hi,

On Sun, Jul 27, 2008 at 05:38:20PM +0200, Nico Golde wrote:
> > > I can't see an old CVE id describing this problem, is a new CVE
> > > id needed for this one?
> >
> > There is no CVE id for it. I'm not sure Debian needs a new CVE id
> > because upstream said only Horde 3.2 and Turba 2.2 are

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Nico Golde
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 16:42]:
> On Sun, Jul 27, 2008 at 03:31:37PM +0200, Nico Golde wrote:
> > Which version did fix this?
>
> 3.2.1+debian0-1 fixed it.

Thanks

> > I can't see an old CVE id describing this problem, is a new CVE
> > id needed for this one?

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Gregory Colpart
Hi,

On Sun, Jul 27, 2008 at 03:31:37PM +0200, Nico Golde wrote:
> This seems to be already fixed in unstable.

Yes, sure! This issue is only for etch.

> Which version did fix this?

3.2.1+debian0-1 fixed it.

> I can't see an old CVE id describing this problem, is a new CVE
> id needed for this

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Nico Golde
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-07-27 15:23]:
> There is a small XSS/unescaped output (only exploitable by
> someone who can create a contact, and requiring the victim to
> have access to that contact).
[...]

This seems to be already fixed in unstable.
Which version did fi

Bug#492578: horde3: Small XSS/unescaped output in services/obrowser/index.php

2008-07-27 Thread Gregory Colpart
Package: horde3
Version: 3.1.3-4etch3
Severity: important
Tags: patch security

Hello,

There is a small XSS/unescaped output (only exploitable by someone who can create a contact, and requiring the victim to have access to that contact).

Patch inline:

Index: services/obrowser/index.php
=