[pkg-horde] [SCM] Debian Horde Packages repository: horde3 package branch, debian-etch, updated. a5a1066ece3df9f9ed745c1f9779c657fea2b38c
Gregory Colpart
gcolpart at ioakim2.evolix.net
Wed Sep 23 22:47:54 UTC 2009
The following commit has been merged in the debian-etch branch:
commit a5a1066ece3df9f9ed745c1f9779c657fea2b38c
Author: Gregory Colpart <gcolpart at ioakim2.evolix.net>
Date: Wed Sep 23 01:16:23 2009 +0200
New changelog
diff --git a/debian/changelog b/debian/changelog
index 00d2b38..45821b1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+horde3 (3.1.3-4etch6) oldstable-security; urgency=high
+
+ * Backport security patch from Horde to fix vulnerability in image
+ form fields that allows overwriting of arbitrary local files. See
+ CVE-2009-3236 for more information. (Closes: #547318)
+
+ -- Gregory Colpart <reg at debian.org> Wed, 23 Sep 2009 00:51:33 +0200
+
horde3 (3.1.3-4etch5) oldstable-security; urgency=high
* Backport a patch from Horde upstream to fix an IE-only hole in XSS filter
--
Debian Horde Packages repository: horde3 package
More information about the pkg-horde-hackers
mailing list