[pkg-horde] Bug#585165: Bug#585165: CVE-2010-1916: Security issue in Xinha
Moritz Muehlenhoff
jmm at inutil.org
Wed Jun 30 17:20:25 UTC 2010
On Tue, Jun 22, 2010 at 01:48:00AM +0200, Gregory Colpart wrote:
> Hi,
>
> On Wed, Jun 09, 2010 at 07:05:51PM +0200, Moritz Muehlenhoff wrote:
> > Horde includes a copy of Xinha, for which the following security
> > issue was reported:
> >
> > http://php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.h+tml
> > http://xinha.webfactional.com/ticket/1518
> >
> > Please check if your code copy is affected and update the internal copy.
>
> I think code copy of xinha in Horde is not affected because there
> is no PHP code from Xinha on it. Majority of Xinha plugins are
> not present.
Ok, added to the Security Tracker.
Cheers,
Moritz
More information about the pkg-horde-hackers
mailing list