CVE-2008-1284 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1284): Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.
=www-apps/horde-groupware-1.0.5 : In tree, ~arch only. =www-apps/horde-webmail-1.0.6 : In tree, ~arch only. =www-apps/horde-3.1.7 : In tree, we need this stable. vapier, is that ok with you?
it's fine
ppc stable, and adding arches ;)
Stable for HPPA.
alpha/sparc/x86 stable
amd64 stable (last arch)
Fixed in release shapshot.
I vote yes together with bug 212635.
Voting YES, too.
GLSA 200805-01