On Wed, Mar 29, 2006 at 09:10:16PM +0200, Lionel Elie Mamane
wrote:> On Wed, Mar 29, 2006 at 08:19:51PM +0200, Lionel Elie Mamane wrote:
>> On Wed, Mar 29, 2006 at 08:07:50PM +0200, Lionel Elie Mamane wrote:
>>> On Wed, Mar 29, 2006 at 05:04:27PM +0200, Martin Schulze wrote:
>>>> I''ve been told (haven''t had the time to check
on my own) that a very
>>>> serious security problem in horde has been discovered.
>>>> Are you able to provide fixed packages for woody, sarge and sid
>>>> soon, if the version in one of these distributions is affected
>>>> by this problem?
>>> Update for sarge is at http://people.debian.org/horde/ .
> OK, now horde2 in sarge... Stay tuned...
Uploaded to http://people.debian.org/horde/ . I couldn''t find code
similar to the one patched by the CVE-2005-4190 fix (several XSS
problems in the share edit window), so I assume horde2 is not
vulnerable to it. There were fewer eval() calls to remove, but still
some. The arbitrary file access thing was there, in a different file.
TODO left (not by me today; going to bed):
CVE-2005-4192 in mnemo in sarge?
CVE-2005-4191 in nag in sarge?
Package and upload horde3 3.1.1-1 to sid, which will fix
CVE-UNKNOWN-TODO (remote code execution).
Non-vulnerabilities:
sid after the next dinstall run (version 3.1-1): CVE-2006-1260, CVE-2005-4190
(etch is vulnerable and will be until 3.1-1 migrates. Alas, the
upload is urgency=low; maybe doesn''t matter much as an urgency=high
upload of 3.1.1-1 will override it hopefully soonish).
--
Lionel