You are here
Home > Preporuke > Sigurnosni nedostaci Horde softvera

Sigurnosni nedostaci Horde softvera

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2017-449b22158f
2017-08-10 15:18:03.832604
——————————————————————————–

Name : php-horde-turba
Product : Fedora 25
Version : 4.2.20
Release : 1.fc25
URL : http://www.horde.org/apps/turba
Summary : A web based address book
Description :
Turba is the Horde contact management application. Leveraging the Horde
framework to provide seamless integration with IMP and other Horde
applications, it supports storing contacts in SQL, LDAP, Kolab, and IMSP
address books.

——————————————————————————–
Update Information:

**turba 4.2.20** * [jan] SECURITY: Fix open redirects. * [jan] Fix creating
address books with the external API.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-turba’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-f52687b573
2017-08-10 15:18:13.065923
——————————————————————————–

Name : php-horde-turba
Product : Fedora 26
Version : 4.2.20
Release : 1.fc26
URL : http://www.horde.org/apps/turba
Summary : A web based address book
Description :
Turba is the Horde contact management application. Leveraging the Horde
framework to provide seamless integration with IMP and other Horde
applications, it supports storing contacts in SQL, LDAP, Kolab, and IMSP
address books.

——————————————————————————–
Update Information:

**turba 4.2.20** * [jan] SECURITY: Fix open redirects. * [jan] Fix creating
address books with the external API.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-turba’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-34d34904f5
2017-08-10 15:18:03.832554
——————————————————————————–

Name : php-horde-nag
Product : Fedora 25
Version : 4.2.15
Release : 1.fc25
URL : http://www.horde.org/apps/nag
Summary : A web based task list manager
Description :
Nag is a web-based application built upon the Horde Application Framework
which provides a simple, clean interface for managing online task lists
(i.e., todo lists). It also includes strong integration with the other
Horde applications and allows users to share task lists or enable
light-weight project management.

——————————————————————————–
Update Information:

**nag 4.2.15** * [jan] SECURITY: Fix open redirects. * [mjr] Fix handling of
delayed start dates (Bug #14634).
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-nag’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-d1c86c61f2
2017-08-10 15:18:13.065882
——————————————————————————–

Name : php-horde-nag
Product : Fedora 26
Version : 4.2.15
Release : 1.fc26
URL : http://www.horde.org/apps/nag
Summary : A web based task list manager
Description :
Nag is a web-based application built upon the Horde Application Framework
which provides a simple, clean interface for managing online task lists
(i.e., todo lists). It also includes strong integration with the other
Horde applications and allows users to share task lists or enable
light-weight project management.

——————————————————————————–
Update Information:

**nag 4.2.15** * [jan] SECURITY: Fix open redirects. * [mjr] Fix handling of
delayed start dates (Bug #14634).
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-nag’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-692c05119d
2017-08-10 15:18:03.832503
——————————————————————————–

Name : php-horde-kronolith
Product : Fedora 25
Version : 4.2.22
Release : 1.fc25
URL : http://www.horde.org/apps/kronolith
Summary : A web based calendar
Description :
Kronolith is the Horde calendar application. It provides web-based
calendars backed by a SQL database or a Kolab server. Supported features
include Ajax and mobile interfaces, shared calendars, remote calendars,
invitation management (iCalendar/iTip), free/busy management, resource
management, alarms, recurring events, and a sophisticated day/week view
which handles arbitrary numbers of overlapping events.

——————————————————————————–
Update Information:

**kronolith 4.2.22** * [jan] SECURITY: Fix open redirects. * [mjr] Prevent
broken iCalendar files from causing fatal errors (Bug #14672). * [jan] Work
around calendar servers advertising as CalDAV-capable, but ignoring CalDAV
requests (Bug #14662). * [jan] Fix displaying yesterday's event in Prior
Events portal block (admin@layertec.de, Bug #14638).
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-kronolith’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-ceb60ebf8f
2017-08-10 15:18:13.065836
——————————————————————————–

Name : php-horde-kronolith
Product : Fedora 26
Version : 4.2.22
Release : 1.fc26
URL : http://www.horde.org/apps/kronolith
Summary : A web based calendar
Description :
Kronolith is the Horde calendar application. It provides web-based
calendars backed by a SQL database or a Kolab server. Supported features
include Ajax and mobile interfaces, shared calendars, remote calendars,
invitation management (iCalendar/iTip), free/busy management, resource
management, alarms, recurring events, and a sophisticated day/week view
which handles arbitrary numbers of overlapping events.

——————————————————————————–
Update Information:

**kronolith 4.2.22** * [jan] SECURITY: Fix open redirects. * [mjr] Prevent
broken iCalendar files from causing fatal errors (Bug #14672). * [jan] Work
around calendar servers advertising as CalDAV-capable, but ignoring CalDAV
requests (Bug #14662). * [jan] Fix displaying yesterday's event in Prior
Events portal block (admin@layertec.de, Bug #14638).
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-kronolith’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-7c19905c9b
2017-08-10 15:18:03.832400
——————————————————————————–

Name : php-horde-horde
Product : Fedora 25
Version : 5.2.16
Release : 1.fc25
URL : http://www.horde.org/apps/horde
Summary : Horde Application Framework
Description :
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites. For
more information on Horde or the Horde Groupware suites, visit
http://www.horde.org.

——————————————————————————–
Update Information:

**horde 5.2.16** * [jan] SECURITY: Fix open redirects.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-horde’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-1081235137
2017-08-10 15:18:13.065715
——————————————————————————–

Name : php-horde-horde
Product : Fedora 26
Version : 5.2.16
Release : 1.fc26
URL : http://www.horde.org/apps/horde
Summary : Horde Application Framework
Description :
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites. For
more information on Horde or the Horde Groupware suites, visit
http://www.horde.org.

——————————————————————————–
Update Information:

**horde 5.2.16** * [jan] SECURITY: Fix open redirects.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-horde’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-17f457262c
2017-08-10 15:18:03.832346
——————————————————————————–

Name : php-horde-Horde-Url
Product : Fedora 25
Version : 2.2.6
Release : 1.fc25
URL : http://pear.horde.org
Summary : Horde Url class
Description :
This class represents a single URL and provides methods for manipulating
URLs.

——————————————————————————–
Update Information:

**Horde_Url 2.2.6** * [jan] SECURITY: Fix XSS vulnerability with pathinfo
component in toString().
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Url’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-6775ec59f1
2017-08-10 15:18:13.065670
——————————————————————————–

Name : php-horde-Horde-Url
Product : Fedora 26
Version : 2.2.6
Release : 1.fc26
URL : http://pear.horde.org
Summary : Horde Url class
Description :
This class represents a single URL and provides methods for manipulating
URLs.

——————————————————————————–
Update Information:

**Horde_Url 2.2.6** * [jan] SECURITY: Fix XSS vulnerability with pathinfo
component in toString().
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Url’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-26f9e09c8a
2017-08-10 15:18:03.832221
——————————————————————————–

Name : php-horde-Horde-Form
Product : Fedora 25
Version : 2.0.18
Release : 1.fc25
URL : http://pear.horde.org
Summary : Horde Form API
Description :
The Horde_Form package provides form rendering, validation, and other
functionality for the Horde Application Framework.

——————————————————————————–
Update Information:

**Horde_Form 2.0.18** * [jan] SECURITY: Fix XSS vulnerability with form
sections.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Form’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-ca6f3b5770
2017-08-10 15:18:13.065572
——————————————————————————–

Name : php-horde-Horde-Form
Product : Fedora 26
Version : 2.0.18
Release : 1.fc26
URL : http://pear.horde.org
Summary : Horde Form API
Description :
The Horde_Form package provides form rendering, validation, and other
functionality for the Horde Application Framework.

——————————————————————————–
Update Information:

**Horde_Form 2.0.18** * [jan] SECURITY: Fix XSS vulnerability with form
sections.
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Form’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-b812362f61
2017-08-10 15:18:03.832161
——————————————————————————–

Name : php-horde-Horde-Core
Product : Fedora 25
Version : 2.30.0
Release : 1.fc25
URL : http://pear.horde.org
Summary : Horde Core Framework libraries
Description :
These classes provide the core functionality of the Horde Application
Framework.

——————————————————————————–
Update Information:

**Horde_Core 2.30.0** * [jan] SECURITY: Fix XSS vulnerability with pathinfo
component in Horde::selfUrl(). * [jan] Deprecate Horde::redirect(). * [jan] Add
Horde::signUrl() and Horde::verifySignedUrl().
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Core’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-1929be4354
2017-08-10 15:18:13.065528
——————————————————————————–

Name : php-horde-Horde-Core
Product : Fedora 26
Version : 2.30.0
Release : 1.fc26
URL : http://pear.horde.org
Summary : Horde Core Framework libraries
Description :
These classes provide the core functionality of the Horde Application
Framework.

——————————————————————————–
Update Information:

**Horde_Core 2.30.0** * [jan] SECURITY: Fix XSS vulnerability with pathinfo
component in Horde::selfUrl(). * [jan] Deprecate Horde::redirect(). * [jan] Add
Horde::signUrl() and Horde::verifySignedUrl().
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-horde-Horde-Core’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-08-0074-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libsoup

Otkriven je sigurnosni nedostatak u programskoj biblioteci libsoup za operacijski sustav SUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem...

Close