[pkg-horde] Bug#803641: Bug#803641: php-horde: Multiple CSRF Vulnerabilities
Mathieu Parent
math.parent at gmail.com
Mon Nov 2 06:52:04 UTC 2015
Control: severity -1 important
Control: tag -1 + confirmed upstream security patch jessie fixed-upstream fixed
Control: fixed -1 5.2.8+debian0-1
2015-11-01 12:37 GMT+01:00 Philip Frei <pjf at gmx.de>:
> Package: php-horde
> Version: 5.2.1+debian0-2+deb8u1
> Severity: normal
>
> Dear Maintainer,
>
> there are some multiple CSRF vulnerabilities in Horde that were recently
> discovered[1].
> The new version (5.2.8) in testing/unstable fixes this problem. But the
> problem still exists for stable's version.
> I would be nice to have a fixed version in stable too.
This seems to be:
https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
I will prepare an upload for next jessie point-release, unless you
think it should go to the security mirors sooner.
Regards
--
Mathieu
More information about the pkg-horde-hackers
mailing list