Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 25: 2017-17f457262c Critical XSS Fix for Horde URL

fedora
Calendar Grey August 10, 2017
Dist Fedora Esm H88
Address XSS flaw in Horde_Url 2.2.6 for Fedora 25. Use dnf to upgrade for improved security following the guidance from this advisory.
**Horde_Url 2.2.6** * [jan] SECURITY: Fix XSS vulnerability with pathinfo component in toString().

Summary

This class represents a single URL and provides methods for manipulating

URLs.

**Horde_Url 2.2.6** * [jan] SECURITY: Fix XSS vulnerability with pathinfo

component in toString().

su -c 'dnf upgrade php-horde-Horde-Url' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory fedora software update php xss horde url

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 25
Version: 2.2.6
Release: 1.fc25
URL: http://pear.horde.org
Summary: Horde Url class

Topics%20covered

Topics Covered

security advisory fedora software update php xss horde url

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here