Bug 214212 (CVE-2008-1502)

Summary:	www-apps/egroupware <1.4.003 Unspecified vulnerability (CVE-2008-1502)
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	web-apps
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471839
Whiteboard:	B4 [glsa]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2008-03-22 02:32:40 UTC

Daniel Baumann writes:
the new egroupware release 1.4.003 fixes a security issues. See
http://www.egroupware.org/viewvc/branches/1.4/phpgwapi/inc/class.kses.inc.php?r1=25110&r2=25109&pathrev=25110
for the patch.

Comment 1 Benedikt Böhm (RETIRED) gentoo-dev

2008-04-03 10:37:27 UTC

1.4.003 in cvs

Comment 2 Robert Buchholz (RETIRED) gentoo-dev

2008-04-03 14:02:14 UTC

Arches, please test and mark stable:
=www-apps/egroupware-1.4.003
Target keywords : "alpha amd64 hppa ppc release x86"

Comment 3 Markus Meier gentoo-dev

2008-04-03 19:55:29 UTC

amd64/x86 stable

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev

2008-04-06 14:31:29 UTC

Stable for HPPA.

Comment 5 Tobias Scherbaum (RETIRED) gentoo-dev

2008-04-06 20:19:01 UTC

ppc stable

Comment 6 Raúl Porcel (RETIRED) gentoo-dev

2008-04-07 20:22:20 UTC

alpha stable

Comment 7 Peter Volkov (RETIRED) gentoo-dev

2008-04-08 05:39:19 UTC

Fixed in release snapshot.

Comment 8 Pierre-Yves Rofes (RETIRED) gentoo-dev

2008-05-05 21:25:35 UTC

this is getting GLSA'ed with bug #218625

Comment 9 Pierre-Yves Rofes (RETIRED) gentoo-dev

2008-05-07 22:04:53 UTC

GLSA 200805-04