Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 21 Sep 2017 20:03:51 +0200
From: Thomas Jarosch <thomas.jarosch@...ra2net.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: code execution in Horde_Image 2.0.0
 to 2.5.1

> This vulnerability affects all  
> versions of Horde_Image from 2.0.0 to 2.5.1.
> 
> A fixed version of the Horde_Image (version 2.5.2) library has already  
> been released and everybody is advised to upgrade to Horde_Image 2.5.2  
> as soon as possible.

the issue has been assigned CVE-2017-14650.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14650

Best regards,
Thomas Jarosch / Intra2net AG

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.