Summary: | www-apps/horde < 3.1.8 <3.2.1 script insertion | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | rbu, web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/30697/ | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2008-06-20 11:25:52 UTC
security relevant changes for 3.1.8 http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.312.2.5&r2=1.515.2.312.2.10&ty=h [cjh] SECURITY: Escape item names in the object browser (Bug #6906). security relevant changes for 3.2.1 http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.392&r2=1.515.2.413&ty=h [cjh] SECURITY: Escape item names in the object browser (Bug #6906). 3.1.8 and 3.2.1 are in the tree. 3.2 was unstable on all arches and has been removed. Target archs for 3.1.8: alpha amd64 hppa ppc sparc x86 x86 stable alpha/sparc stable ppc stable Stable for HPPA. amd64 stable, sorry for the delay. time for glsa decision... XSS => I vote NO. NO too. *** Bug 233334 has been marked as a duplicate of this bug. *** |