Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 494
Alerts This Week
Warning Icon 1 494

Fedora 23 Security Advisory: php-horde-horde CSRF Fix and Update

fedora
Calendar Grey November 2, 2015
Dist Fedora Esm H88
Important security patch released for php-horde-horde in Fedora 23, strengthening defenses against CSRF vulnerabilities on administrative interfaces and additional improvements.
**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various admin pages

Summary

The Horde Application Framework is a flexible, modular, general-purpose web

application framework written in PHP. It provides an extensive array of

components that are targeted at the common problems and tasks involved in

developing modern web applications. It is the basis for a large number of

production-level web applications, notably the Horde Groupware suites. For

more information on Horde or the Horde Groupware suites, visit

https://www.horde.org/

Update Information:

**horde 5.2.8** * [mjr] SECURITY: Protect against CSRF attacks on various admin pages. * [jan] Don't apply access keys to checkbox and radiobox rows in the sidebar (Bug #14103). * [jan] Send correct MIME type for non-statically cached javascript files. * [mjr] Added configuration support for version 2 of WorldWeatherOnline's API. **ingo 3.2.7** * [jan] Update Italian translation. * [mjr] Add database migration for fixing corrupt rule ordering. * [mjr] Fix corruption of rule order when reordering rules in certain cases. **imp 6.2.11** * [mjr] Request that the contacts API only consider email fields when detecting duplicates during automatic saving of attendees to the address book (Bug #14119). * [jan] Don't show 'Create Keys' button if creating PGP keys is disabled (steffen.hau@rz.uni-mannheim.de, Request #14096). * [mjr] Fix displaying iTips with certain locale/date_format preference combinations (Bug #14076). **passwd 5.0.4** * [mjr] Fix changing password using Kolab driver (...

Change Log

References

Fedora Update Notification FEDORA-2015-46c331cb4e 2015-11-02 17:42:58.181772
Name : php-horde-horde Product : Fedora 23 Version : 5.2.8 Release : 1.fc23 URL : https://www.horde.org/apps/horde Summary : Horde Application Framework Description : The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of production-level web applications, notably the Horde Groupware suites. For more information on Horde or the Horde Groupware suites, visit https://www.horde.org/

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-horde-horde' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-horde-horde
Product: Fedora 23
Version: 5.2.8
Release: 1.fc23
Summary: Horde Application Framework

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.