[pkg-horde] Bug#547318: Bug#547318: horde3: CVE-2009-3236 possibility to overwrite arbitrary files with the permissions of the webserver
Gregory Colpart
reg at evolix.fr
Wed Sep 23 22:58:42 UTC 2009
On Wed, Sep 23, 2009 at 01:51:25AM +0200, Nico Golde wrote:
> >
> > Yes and I confirm the vulnerability for etch.
> > For old-security, patch is pushed:
> > http://git.debian.org/?p=pkg-horde/horde3.git;a=commitdiff;h=0a71866537d0bd896fda156ba83be746483714a4
> >
> > Now, I'm waiting upstream advice before building/uploading.
>
> Ok great. So far the diff looks good to me. Feel free to
> upload to security master (and additionally you might drop
> me a mail so I don't miss it). Thanks for your work!
Patch reviewed by upstream, package builded&tested and uploaded.
Regards,
--
Gregory Colpart <reg at evolix.fr> GnuPG:1024D/C1027A0E
Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
More information about the pkg-horde-hackers
mailing list