Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Fedora 26: php-horde-kronolith Security Update for Open Redirect

fedora
Calendar Grey August 10, 2017
Dist Fedora Esm H88
Kronolith version 4.2.22 addresses vulnerabilities concerning open redirects and enhances the reliability of the calendar application on Fedora systems.
**kronolith 4.2.22** * [jan] SECURITY: Fix open redirects

Summary

Kronolith is the Horde calendar application. It provides web-based

calendars backed by a SQL database or a Kolab server. Supported features

include Ajax and mobile interfaces, shared calendars, remote calendars,

invitation management (iCalendar/iTip), free/busy management, resource

management, alarms, recurring events, and a sophisticated day/week view

which handles arbitrary numbers of overlapping events.

**kronolith 4.2.22** * [jan] SECURITY: Fix open redirects. * [mjr] Prevent

broken iCalendar files from causing fatal errors (Bug #14672). * [jan] Work

around calendar servers advertising as CalDAV-capable, but ignoring CalDAV

requests (Bug #14662). * [jan] Fix displaying yesterday's event in Prior

Events portal block (admin@layertec.de, Bug #14638).

su -c 'dnf upgrade php-horde-kronolith' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 26
Version: 4.2.22
Release: 1.fc26
Summary: A web based calendar

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.