|
|
Subscribe / Log in / New account

php-horde: multiple vulnerabilities

Package(s):php-horde CVE #(s):
Created:July 21, 2015 Updated:July 22, 2015
Description: From the Fedora advisory:

**Horde_Form 2.0.10**
* [jan] SECURITY: Fixed XSS in form renderer.

**Horde_Icalendar 2.1.1**
* [jan] Fix generated VALARM TRIGGER attributes with empty duration (Ralf Becker).

**Horde_Auth 2.1.10**
* [jan] SECURITY: Don't allow to login to LDAP with an empty password.

**Horde_Core 2.20.6**
* [jan] SECURITY: Don't allow to login with an empty password.
* [jan] Give administrators access to all groups, even with $conf['share']['any_group'] disabled.

Alerts:
Fedora FEDORA-2015-11287 php-horde-Horde-Icalendar 2015-07-21
Fedora FEDORA-2015-11261 php-horde-Horde-Icalendar 2015-07-21
Fedora FEDORA-2015-11287 php-horde-Horde-Form 2015-07-21
Fedora FEDORA-2015-11261 php-horde-Horde-Form 2015-07-21
Fedora FEDORA-2015-11287 php-horde-Horde-Core 2015-07-21
Fedora FEDORA-2015-11261 php-horde-Horde-Core 2015-07-21
Fedora FEDORA-2015-11287 php-horde-Horde-Auth 2015-07-21
Fedora FEDORA-2015-11261 php-horde-Horde-Auth 2015-07-21
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds