[pkg-horde] Re: horde problem.

Lionel Elie Mamane lionel at mamane.lu
Wed Mar 29 17:22:28 UTC 2006


On Wed, Mar 29, 2006 at 07:00:23PM +0200, Martin Schulze wrote:
> Lionel Elie Mamane wrote:
>> On Wed, Mar 29, 2006 at 05:25:34PM +0200, Lionel Elie Mamane wrote:
>>> On Wed, Mar 29, 2006 at 05:04:27PM +0200, Martin Schulze wrote:

>>>> I've been told (haven't had the time to check on my own) that a
>>>> very serious security problem in horde has been discovered.

>>> Yes. Remote code execution.

>> There doesn't seem to be a CVE number for that?

> Correct.  One is requested already, though.  I'll pass it to you
> once I see it (or Steve can do that).

>> But there is another issue, namely CVE-2006-1260. I'm investigating
>> it.

> Oh.  Thanks.

Woody, sarge, etch and sid are affected, but the version now in
incoming (3.1-1) fixes it.

-- 
Lionel



More information about the pkg-horde-hackers mailing list