Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 23: PHP Horde 2.2.1 Moderate Advisory on XSS Prevention

fedora
Calendar Grey September 21, 2016
Dist Fedora Esm H88
Strengthen your defenses by updating to Fedora 23's php-horde-Horde-Mime-Viewer, which now addresses vulnerabilities that could allow XSS through SVG content rendering.
**Horde_Mime_Viewer 2.2.1** * [jan] SECURITY: Don't render SVG images in the browser to avoid XSS attacks (Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclos...

Summary

Provides rendering drivers for MIME data.

Update Information:

**Horde_Mime_Viewer 2.2.1** * [jan] SECURITY: Don't render SVG images in the browser to avoid XSS attacks (Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program).

Topics%20covered

Topics Covered

security advisory security update fedora moderate severity php horde mime viewer xss prevention

Change Log

References


[ 1 ] Bug #1375485 - php-horde: XSS vulnerability via SVG images https://bugzilla.redhat.com/show_bug.cgi?id=1375485

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-Horde-Mime-Viewer' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: php-horde-Horde-Mime-Viewer
Product: Fedora 23
Version: 2.2.1
Release: 1.fc23
URL: http://pear.horde.org
Summary: Horde MIME Viewer Library

Topics%20covered

Topics Covered

security advisory security update fedora moderate severity php horde mime viewer xss prevention

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here