Stay Secure with the Latest Linux Advisories

security advisoryFedoramobile security

Fedora 32: FEDORA-2020-a41fda3b4c Moderate: php-Horde JavaScript Injection

**horde 5.2.23** * [mjr] SECURITY: Fix javascript injection vulnerability in mobile login page. * [mjr] Fix broken cloud search in portal block.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-a41fda3b4c 2020-06-24 00:59:05.970412 --------------------------------------------------------------------------------Name : php-horde-horde Product : Fedora 32 Version : 5.2.23 Release : 1.fc32 URL : https://www.horde.org/apps/horde Summary : Horde Application Framework Description : The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of production-level web applications, notably the Horde Groupware suites. For more information on Horde or the Horde Groupware suites, visit https://www.horde.org/ --------------------------------------------------------------------------------Update Information: **horde 5.2.23** * [mjr] SECURITY: Fix javascript injection vulnerability in mobile login page. * [mjr] Fix broken cloud search in portal block. --------------------------------------------------------------------------------ChangeLog: * Mon Jun 15 2020 Remi Collet - 5.2.23-1 - update to 5.2.23 * Tue Jun 2 2020 Remi Collet - 5.2.22-2 - requires php(httpd) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-a41fda3b4c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Enhance mobile login security in Fedora's php-Horde by implementing strategies like input sanitization, CSP, output escaping, prepared statements, and two-factor authentication. Fedora 32, php-Horde, javascript Injection, security fix, web applications. . LinuxSecurity.com Team

Jun 23, 2020 Fedora