[Secure-testing-team] Re: horde problem.
Lionel Elie Mamane
lionel at mamane.lu
Wed Mar 29 17:22:28 UTC 2006
On Wed, Mar 29, 2006 at 07:00:23PM +0200, Martin Schulze wrote:
> Lionel Elie Mamane wrote:
>> On Wed, Mar 29, 2006 at 05:25:34PM +0200, Lionel Elie Mamane wrote:
>>> On Wed, Mar 29, 2006 at 05:04:27PM +0200, Martin Schulze wrote:
>>>> I've been told (haven't had the time to check on my own) that a
>>>> very serious security problem in horde has been discovered.
>>> Yes. Remote code execution.
>> There doesn't seem to be a CVE number for that?
> Correct. One is requested already, though. I'll pass it to you
> once I see it (or Steve can do that).
>> But there is another issue, namely CVE-2006-1260. I'm investigating
>> it.
> Oh. Thanks.
Woody, sarge, etch and sid are affected, but the version now in
incoming (3.1-1) fixes it.
--
Lionel
More information about the Secure-testing-team
mailing list