Bug#461131: [pkg-horde] Bug#461131: CVE-2007-6018: horde3 privilege escalation

2008-01-20 Thread Nico Golde
Hi Gregory,
* Gregory Colpart <[EMAIL PROTECTED]> [2008-01-20 03:12]:
> On Sun, Jan 20, 2008 at 01:30:37AM +0100, Nico Golde wrote:
> > are you also going to fix imp4?
>
> CVE-2007-6018 doesn't affect directly package imp4.
> Security problems are in 'lib/Horde/Text/Filter/xss.php'
> file which is

Bug#461131: [pkg-horde] Bug#461131: CVE-2007-6018: horde3 privilege escalation

2008-01-19 Thread Gregory Colpart
Hi,

On Sun, Jan 20, 2008 at 01:30:37AM +0100, Nico Golde wrote:
> are you also going to fix imp4?

CVE-2007-6018 doesn't affect directly package imp4. Security problems are in 'lib/Horde/Text/Filter/xss.php' file which is only part of horde3 package. For more information, you can see my patch for

Bug#461131: CVE-2007-6018: horde3 privilege escalation

2008-01-19 Thread Nico Golde
Hi,
are you also going to fix imp4?

Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Bug#461131: [pkg-horde] Bug#461131: CVE-2007-6018: horde3 privilege escalation

2008-01-17 Thread Ola Lundqvist
Hi Stefan

Thanks a lot for the report! I saw the announce yesterday, but I have not had the time to correct it at this very moment.

Best regards,
// Ola

On Wed, Jan 16, 2008 at 09:19:48PM +0100, Stefan Fritsch wrote:
> Package: horde3
> Version: 3.1.3-4
> Severity: important
> Tags: security
>

Bug#461131: CVE-2007-6018: horde3 privilege escalation

2008-01-16 Thread Stefan Fritsch
Package: horde3
Version: 3.1.3-4
Severity: important
Tags: security

A vulnerability has been found in horde3: The HTML filter does not filter out and HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to