Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 21: 2015-11287 Moderate: PHP-Horde XSS And Auth Updates

fedora
Calendar Grey July 21, 2015
Dist Fedora Esm H88
PHP-Horde-Horde-Core Security Patch for Fedora 21 resolving CSRF and credential exposure points in form rendering and user authentication processes.
**Horde_Form 2.0.10** * [jan] SECURITY: Fixed XSS in form renderer

Summary

These classes provide the core functionality of the Horde Application

Framework.

Update Information:

**Horde_Form 2.0.10** * [jan] SECURITY: Fixed XSS in form renderer.

**Horde_Icalendar 2.1.1** * [jan] Fix generated VALARM TRIGGER attributes with empty duration (Ralf Becker).

**Horde_Auth 2.1.10** * [jan] SECURITY: Don't allow to login to LDAP with an emtpy password.

**Horde_Core 2.20.6** * [jan] SECURITY: Don't allow to login with an emtpy password. * [jan] Give administrators access to all groups, even with $conf['share']['any_group'] disabled.

Topics%20covered

Topics Covered

security advisory Fedora cross-site scripting security fix authentication form rendering core framework

Change Log

* Tue Jul 7 2015 Remi Collet - 2.20.6-1 - Update to 2.20.6 * Fri Jun 12 2015 Remi Collet - 2.20.5-1 - Update to 2.20.5 * Tue Jun 2 2015 Remi Collet - 2.20.4-1 - Update to 2.20.4 * Fri May 29 2015 Remi Collet - 2.20.3-1 - Update to 2.20.3 * Tue May 19 2015 Remi Collet - 2.20.2-1 - Update to 2.20.2 * Tue May 19 2015 Remi Collet - 2.20.1-1 - Update to 2.20.1 * Tue Apr 28 2015 Remi Collet - 2.20.0-1 - Update to 2.20.0 * Wed Mar 4 2015 Remi Collet - 2.19.2-1 - Update to 2.19.2 * Tue Mar 3 2015 Remi Collet - 2.19.1-1 - Update to 2.19.1 * Wed Feb 11 2015 Remi Collet - 2.19.0-1 - Update to 2.19.0 * Fri Jan 9 2015 Remi Collet - 2.18.3-1 - Update to 2.18.3 - add provides php-composer(horde/horde-core) * Tue Jan 6 2015 Remi Collet - 2.18.1-1 - Update to 2.18.1 * Mon Dec 29 2014 Remi Collet - 2.18.0-1 - Update to 2.18.0 * Tue Dec 16 2014 Remi Collet - 2.17.2-1 - Update to 2.17.2 * Tue Nov 25 2014 Remi Collet - 2.17.1-1 - Update to 2.17.1 * Sun Nov 23 2014 Remi Collet - 2.17.0-1 - Update to 2.17.0 - raise dependency on Horde_Mime >= 2.5.0

References

Fedora Update Notification FEDORA-2015-11287 2015-07-10 16:34:10
Name : php-horde-Horde-Core Product : Fedora 21 Version : 2.20.6 Release : 1.fc21 URL : http://pear.horde.org Summary : Horde Core Framework libraries Description : These classes provide the core functionality of the Horde Application Framework.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-Horde-Core' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: php-horde-Horde-Core
Product: Fedora 21
Version: 2.20.6
Release: 1.fc21
URL: http://pear.horde.org
Summary: Horde Core Framework libraries

Topics%20covered

Topics Covered

security advisory Fedora cross-site scripting security fix authentication form rendering core framework

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here