Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Fedora 21: php-horde-imp Security Advisory for CSRF Threat

fedora
Calendar Grey November 4, 2015
Dist Fedora Esm H88
This Fedora update fixes CSRF vulnerabilities in php-horde-imp, enhancing security and improving functionality for users.
**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various admin pages

Summary

IMP, the Internet Mail Program, is one of the most popular and widely

deployed open source webmail applications in the world. It allows

universal, web-based access to IMAP and POP3 mail servers and provides

Ajax, mobile and traditional interfaces with a rich range of features

normally found only in desktop email clients.

Update Information:

**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various admin pages. * [jan] Don't apply access keys to checkbox and radiobox rows in the sidebar (Bug #14103). * [jan] Send correct MIME type for non-statically cached javascript files. * [mjr] Added configuration support for version 2 of WorldWeatherOnline's API. **ingo 3.2.7** * [jan] Update Italian translation. * [mjr] Add database migration for fixing corrupt rule ordering. * [mjr] Fix corruption of rule order when reordering rules in certain cases. **imp 6.2.11** * [mjr] Request that the contacts API only consider email fields when detecting duplicates during automatic saving of attendees to the address book (Bug #14119). * [jan] Don't show 'Create Keys' button if creating PGP keys is disabled (steffen.hau@rz.uni-mannheim.de, Request #14096). * [mjr] Fix displaying iTips with certain locale/date_format preference combinations (Bug #14076). **passwd 5.0.4** * [mjr] Fix changing password using Kolab driver (...

Change Log

References


[ 1 ] Bug #1277410 - php-horde-horde: Multiple CSRF vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1277410

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-imp' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-horde-imp
Product: Fedora 21
Version: 6.2.11
Release: 1.fc21
Summary: A web based webmail system

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.