First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 127889
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Jule Slootbeek <jslootbeek@gmail.com>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 127889 depends on: Show dependency tree
Bug 127889 blocks: 126435

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-03-28 11:53 0000 
http://lists.horde.org/archives/announce/2006/000271.html:
Remote code execution vulnerability discovered in the help viewer.
Help viewer is enabled by default.
--
Issue is fixed in build 3.1.1 available from www.horde.org

------- Comment #1 From Stefan Cornelius (RETIRED) 2006-03-28 11:56:34 0000 ------- 
Vapier please provide updated ebuilds, thx.

------- Comment #2 From SpanKY 2006-03-28 16:56:06 0000 ------- 
3.1.1 in portage

------- Comment #3 From Stefan Cornelius (RETIRED) 2006-03-28 17:02:59 0000 ------- 
arches, please test and stable 3.1.1, thank you.

------- Comment #4 From Mark Loeser 2006-03-28 21:33:59 0000 ------- 
x86 done

------- Comment #5 From Gustavo Zacarias (RETIRED) 2006-03-29 05:14:53 0000 ------- 
hppa & sparc stable.

------- Comment #6 From Tobias Scherbaum 2006-03-29 10:57:20 0000 ------- 
ppc stable

------- Comment #7 From Simon Stelling (RETIRED) 2006-03-30 07:54:05 0000 ------- 
amd64 stable

------- Comment #8 From Jose Luis Rivero (yoswink) 2006-03-31 12:48:20 0000 ------- 
Alpha stable

Sorry about the delay on the horde security bugs but I had a really bad week
and my free time was reduced to zero. :(

Please, remember that amd64 need to complete bug #126435 in order to keyword
stable all horde-3 related plugins.

Thanks.

------- Comment #9 From Thierry Carrez (RETIRED) 2006-04-01 02:48:09 0000 ------- 
amd64 should mark the whole 3.1 framework stable, meaning :
 horde-chora-2.0.1
 horde-kronolith-2.1
 horde-imp-4.1
 horde-mnemo-2.1
 horde-nag-2.1
 horde-passwd-3.0
 horde-gollem-1.0.2
 horde-ingo-1.1
 horde-turba-2.1
as detailed on bug 126435

------- Comment #10 From Jule Slootbeek 2006-04-04 05:37:09 0000 ------- 
AMD64 team, do you have an update on the status of this B1? The GLSA is ready,
and we're waiting for you to mark this as stable.
Could you please provide an update?

------- Comment #11 From Simon Stelling (RETIRED) 2006-04-04 10:25:29 0000 ------- 
sorry. we're done now.

------- Comment #12 From Jule Slootbeek 2006-04-04 10:34:06 0000 ------- 
Thanks amd64, DerCony, she's all yours.

------- Comment #13 From Stefan Cornelius (RETIRED) 2006-04-04 12:00:15 0000 ------- 
GLSA 200604-02

Thanks everybody!
First Last Prev Next    No search results available      Search page      Enter new bug