Fedora 22: Critical XSS and Authentication Issues from 2015-11261
fedora
July 21, 2015
**Horde_Form 2.0.10** * [jan] SECURITY: Fixed XSS in form renderer
Summary
These classes provide the core functionality of the Horde Application
Framework.
Update Information:
**Horde_Form 2.0.10**
* [jan] SECURITY: Fixed XSS in form renderer.
**Horde_Icalendar 2.1.1**
* [jan] Fix generated VALARM TRIGGER attributes with empty duration (Ralf Becker).
**Horde_Auth 2.1.10**
* [jan] SECURITY: Don't allow to login to LDAP with an emtpy password.
**Horde_Core 2.20.6**
* [jan] SECURITY: Don't allow to login with an emtpy password.
* [jan] Give administrators access to all groups, even with $conf['share']['any_group'] disabled.
Topics Covered
Change Log
* Tue Jul 7 2015 Remi Collet
References
Fedora Update Notification FEDORA-2015-11261 2015-07-10 16:32:56
Name : php-horde-Horde-Core Product : Fedora 22 Version : 2.20.6 Release : 1.fc22 URL : http://pear.horde.org Summary : Horde Core Framework libraries Description : These classes provide the core functionality of the Horde Application Framework.
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-Horde-Core' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: php-horde-Horde-Core
Product: Fedora 22
Version: 2.20.6
Release: 1.fc22
Summary: Horde Core Framework libraries
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!