Package: horde2 Version: 2.2.8-1 Severity: grave Tags: security Justification: user security hole
New upstream version v2.2.9 available to fix potential XSS vulnerability due to not properly escaped error messages. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.14 Locale: LANG=en_US, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages horde2 depends on: ii apache2 2.0.54-5 next generation, scalable, extenda ii apache2-mpm-prefork [httpd] 2.0.54-5 traditional model for Apache2 ii binutils 2.15-6 The GNU assembler, linker and bina ii debconf 1.4.30.13 Debian configuration management sy ii gettext 0.14.4-2 GNU Internationalization utilities ii logrotate 3.7-5 Log rotation utility ii make 3.80-9 The GNU version of the "make" util ii perl 5.8.4-8 Larry Wall's Practical Extraction ii php4 4:4.3.10-16 server-side, HTML-embedded scripti ii php4-cgi 4:4.3.10-16 server-side, HTML-embedded scripti ii php4-pear 4:4.3.10-16 PEAR - PHP Extension and Applicati ii php4-pear-log 1.6.0-1.1 Log module for PEAR ii wwwconfig-common 0.0.43 Debian web auto configuration -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
