[pkg-horde] Bug#837149: Don't render SVG images in the browser to avoid XSS attacks
Mathieu Parent
math.parent at gmail.com
Fri Sep 9 09:07:11 UTC 2016
Package: php-horde-mime-viewer
Version: 2.1.3-2
Severity: important
Tags: security sid jessie
Control: found -1 2.0.7-2
Hello,
In the recent bunch of updates to Horde, I found this:
https://github.com/horde/horde/commit/a55bf759d3d8fd07dd5fda2ead075f5998e96364
Will upload lastest version to sid shortly, and I plan to fix this in
jessie too.
Regards
--
Mathieu
More information about the pkg-horde-hackers
mailing list