You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa php-horde

Sigurnosni nedostatak programskog paketa php-horde

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2018-1de045298c
2018-10-07 21:10:49.841490
——————————————————————————–

Name : php-horde-horde
Product : Fedora 27
Version : 5.2.20
Release : 1.fc27
URL : http://www.horde.org/apps/horde
Summary : Horde Application Framework
Description :
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites. For
more information on Horde or the Horde Groupware suites, visit
http://www.horde.org.

——————————————————————————–
Update Information:

**Horde 5.2.20** * [mjr] SECURITY: Fix XSS vulnerability when rendering custom
background colors in a sidebar row (Bug #14857).
——————————————————————————–
ChangeLog:

* Thu Sep 27 2018 Remi Collet <remi@remirepo.net> – 5.2.20-1
– update to 5.2.20
* Mon Aug 20 2018 Remi Collet <remi@remirepo.net> – 5.2.19-1
– update to 5.2.19
* Thu Jul 5 2018 Remi Collet <remi@remirepo.net> – 5.2.18-1
– update to 5.2.18
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-1de045298c’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-520062dcb8
2018-10-07 22:15:04.448690
——————————————————————————–

Name : php-horde-horde
Product : Fedora 28
Version : 5.2.20
Release : 1.fc28
URL : http://www.horde.org/apps/horde
Summary : Horde Application Framework
Description :
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites. For
more information on Horde or the Horde Groupware suites, visit
http://www.horde.org.

——————————————————————————–
Update Information:

**Horde 5.2.20** * [mjr] SECURITY: Fix XSS vulnerability when rendering custom
background colors in a sidebar row (Bug #14857).
——————————————————————————–
ChangeLog:

* Thu Sep 27 2018 Remi Collet <remi@remirepo.net> – 5.2.20-1
– update to 5.2.20
* Mon Aug 20 2018 Remi Collet <remi@remirepo.net> – 5.2.19-1
– update to 5.2.19
* Thu Jul 5 2018 Remi Collet <remi@remirepo.net> – 5.2.18-1
– update to 5.2.18
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-520062dcb8’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-1f64819623
2018-10-07 21:10:49.841477
——————————————————————————–

Name : php-horde-Horde-Core
Product : Fedora 27
Version : 2.31.6
Release : 1.fc27
URL : http://pear.horde.org
Summary : Horde Core Framework libraries
Description :
These classes provide the core functionality of the Horde Application
Framework.

——————————————————————————–
Update Information:

**Horde_Core 2.31.6** * [mjr] SECURITY: Fix XSS vulnerability when rendering a
colorpicker (Bug #14857).
——————————————————————————–
ChangeLog:

* Wed Sep 26 2018 Remi Collet <remi@remirepo.net> – 2.31.6-1
– update to 2.31.6
* Thu Aug 16 2018 Remi Collet <remi@remirepo.net> – 2.31.5-1
– update to 2.31.5
* Mon Jun 11 2018 Remi Collet <remi@remirepo.net> – 2.31.3-1
– update to 2.31.3
* Mon Feb 12 2018 Remi Collet <remi@remirepo.net> – 2.31.2-1
– Update to 2.31.2
* Mon Nov 27 2017 Remi Collet <remi@remirepo.net> – 2.31.1-1
– Update to 2.31.1
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-1f64819623’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-f4558a5180
2018-10-07 22:15:04.448651
——————————————————————————–

Name : php-horde-Horde-Core
Product : Fedora 28
Version : 2.31.6
Release : 1.fc28
URL : http://pear.horde.org
Summary : Horde Core Framework libraries
Description :
These classes provide the core functionality of the Horde Application
Framework.

——————————————————————————–
Update Information:

**Horde_Core 2.31.6** * [mjr] SECURITY: Fix XSS vulnerability when rendering a
colorpicker (Bug #14857).
——————————————————————————–
ChangeLog:

* Wed Sep 26 2018 Remi Collet <remi@remirepo.net> – 2.31.6-1
– update to 2.31.6
* Thu Aug 16 2018 Remi Collet <remi@remirepo.net> – 2.31.5-1
– update to 2.31.5
* Mon Jun 11 2018 Remi Collet <remi@remirepo.net> – 2.31.3-1
– update to 2.31.3
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-f4558a5180’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-d280e35281
2018-10-07 21:10:49.841503
——————————————————————————–

Name : php-horde-kronolith
Product : Fedora 27
Version : 4.2.25
Release : 1.fc27
URL : http://www.horde.org/apps/kronolith
Summary : A web based calendar
Description :
Kronolith is the Horde calendar application. It provides web-based
calendars backed by a SQL database or a Kolab server. Supported features
include Ajax and mobile interfaces, shared calendars, remote calendars,
invitation management (iCalendar/iTip), free/busy management, resource
management, alarms, recurring events, and a sophisticated day/week view
which handles arbitrary numbers of overlapping events.

——————————————————————————–
Update Information:

**Kronolith 4.2.25** * [mjr] SECURITY: Fix XSS vulnerability in resource group
property view (Bug #14857). * [mjr] SECURITY: Fix XSS vulnerability in event URL
field (Bug #14857).
——————————————————————————–
ChangeLog:

* Thu Sep 27 2018 Remi Collet <remi@remirepo.net> – 4.2.25-1
– update to 4.2.25
* Thu Jul 5 2018 Remi Collet <remi@remirepo.net> – 4.2.24-1
– update to 4.2.24
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-d280e35281’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-1c9f3f4d9e
2018-10-07 22:15:04.448704
——————————————————————————–

Name : php-horde-kronolith
Product : Fedora 28
Version : 4.2.25
Release : 1.fc28
URL : http://www.horde.org/apps/kronolith
Summary : A web based calendar
Description :
Kronolith is the Horde calendar application. It provides web-based
calendars backed by a SQL database or a Kolab server. Supported features
include Ajax and mobile interfaces, shared calendars, remote calendars,
invitation management (iCalendar/iTip), free/busy management, resource
management, alarms, recurring events, and a sophisticated day/week view
which handles arbitrary numbers of overlapping events.

——————————————————————————–
Update Information:

**Kronolith 4.2.25** * [mjr] SECURITY: Fix XSS vulnerability in resource group
property view (Bug #14857). * [mjr] SECURITY: Fix XSS vulnerability in event URL
field (Bug #14857).
——————————————————————————–
ChangeLog:

* Thu Sep 27 2018 Remi Collet <remi@remirepo.net> – 4.2.25-1
– update to 4.2.25
* Thu Jul 5 2018 Remi Collet <remi@remirepo.net> – 4.2.24-1
– update to 4.2.24
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-1c9f3f4d9e’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2018-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa rust

Otkriven je sigurnosni nedostatak u programskom paketu rust za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje prepisivanje spremnika. Savjetuje...

Close