Fedora 31: FEDORA-2020-1a968aeb47 Critical: Horde XSS Fixes

The Horde Application Framework is a flexible, modular, general-purpose web

application framework written in PHP. It provides an extensive array of

components that are targeted at the common problems and tasks involved in

developing modern web applications. It is the basis for a large number of

production-level web applications, notably the Horde Groupware suites. For

more information on Horde or the Horde Groupware suites, visit

https://www.horde.org/

**horde 5.2.22** * [jan] SECURITY: Protect image processing service from

rendering active SVG content within the browser. * [jan] SECURITY: Fix XSS

vulnerabilities in administration interface. * [jan] Support Redis Sentinel

configuration (Michael Menge <michael.menge@zdv.uni-tuebingen.de>, Request

#14998). * [jan] Use file hashing for detecting outdated configuration files.

* Tue Apr 21 2020 Remi Collet - 5.2.22-1

- update to 5.2.22

su -c 'dnf upgrade --advisory FEDORA-2020-1a968aeb47' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/