[non-FFe] horde3 3.1.7
Bug #207049 reported by
William Grant
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| horde3 (Ubuntu) |
Fix Released
|
High
|
William Grant | ||
Bug Description
Binary package hint: horde3
Horde 3.1.7 fixes CVE-2008-1284. There are no other upstream changes, so no FFe is required.
----------
v3.1.7-cvs
----------
[cjh] SECURITY: Fix arbitrary file inclusion through abuse of the theme
preference.
CVE References
| Changed in horde3: | |
| assignee: | nobody → fujitsu |
| importance: | Undecided → High |
| status: | New → In Progress |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in horde3: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
This bug was fixed in the package horde3 - 3.1.7-1
---------------
horde3 (3.1.7-1) unstable; urgency=high
* New upstream release.
* This new version has security fix: fix arbitrary file inclusion through
abuse of the theme preference (see CVE-2008-1284 for more informations).
(Closes: #470640)
* Fix typo in debian/rules comments.
* Add php-net-imap package in "Suggests" field. (Closes: #470283)
* Add libgeoip1 package in "Suggests" field. (Closes: #376935)
-- William Grant <email address hidden> Sat, 15 Mar 2008 14:00:34 +0100