Debian 11: DLA-3923-1 critical: php-horde-turba deserialization issue
debian lts
October 19, 2024
It was discovered that there was an arbitrary object deserialization vulnerability in php-horde-turba, an address book component for the Horde groupware suite
Summary
For Debian 11 bullseye, this problem has been fixed in version
4.2.25-5+deb11u2
We recommend that you upgrade your php-horde-turba packages.
For the detailed security status of php-horde-turba please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/php-horde-turba
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Note:
4.2.25-5+deb11u1 had been uploaded incorrectly and thus never reached
the archived. 4.2.25-5+deb11u2 is a no-change re-upload to correct
this mistake.
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: php-horde-turba
Version: 4.2.25-5+deb11u2
CVE ID: CVE-2022-30287
Debian Bug: 1012279
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!