[pkg-horde] Bug#547318: Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver
Nico Golde
nion at debian.org
Mon Sep 21 10:43:51 UTC 2009
Hi,
* Gregory Colpart <reg at evolix.fr> [2009-09-20 20:09]:
> Hello,
>
> On Fri, Sep 18, 2009 at 05:18:14PM +0200, Nico Golde wrote:
> > the following CVE (Common Vulnerabilities & Exposures) id was
> > published for horde3.
>
> Work in progress. For stable-security, patches are pushed:
> http://git.debian.org/?p=pkg-horde/horde3.git;a=commitdiff;h=a3873329efa3ed5797678626638afbb2bb4f48d0
>
> Now I'm testing package and preparing upload for sid.
Are you also working on etch? That would be nice, I think
this deserves a DSA.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/attachments/20090921/3fc0269c/attachment.pgp>
More information about the pkg-horde-hackers
mailing list