Fedora 21 Security Advisory: PHP-Horde-Icalendar XSS Fix Critical
fedora
July 21, 2015
**Horde_Form 2.0.10** * [jan] SECURITY: Fixed XSS in form renderer
Summary
An API for dealing with iCalendar data.
Update Information:
**Horde_Form 2.0.10**
* [jan] SECURITY: Fixed XSS in form renderer.
**Horde_Icalendar 2.1.1**
* [jan] Fix generated VALARM TRIGGER attributes with empty duration (Ralf Becker).
**Horde_Auth 2.1.10**
* [jan] SECURITY: Don't allow to login to LDAP with an emtpy password.
**Horde_Core 2.20.6**
* [jan] SECURITY: Don't allow to login with an emtpy password.
* [jan] Give administrators access to all groups, even with $conf['share']['any_group'] disabled.
Topics Covered
Change Log
* Mon Jul 6 2015 Remi Collet
References
Fedora Update Notification FEDORA-2015-11287 2015-07-10 16:34:10
Name : php-horde-Horde-Icalendar Product : Fedora 21 Version : 2.1.1 Release : 1.fc21 URL : http://pear.horde.org Summary : iCalendar API Description : An API for dealing with iCalendar data.
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-Horde-Icalendar' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: php-horde-Horde-Icalendar
Product: Fedora 21
Version: 2.1.1
Release: 1.fc21
Summary: iCalendar API
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!