|
Message-Id: <201401282020.s0SKK6ju007926@linus.mitre.org> Date: Tue, 28 Jan 2014 15:20:06 -0500 (EST) From: cve-assign@...re.org To: pedrib@...il.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, jan@...de.org, carnil@...ian.org, seth.arnold@...onical.com, security@...ian.org, security@...ntu.com, security@...de.org Subject: Re: Remote code execution in horde < 5.1.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > There is a remote code execution bug in horde affecting all versions from > at least horde 3.1.x to 5.1.1. > This has been fixed in commit > https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3 > Also check changelog > https://github.com/horde/horde/blob/82c400788537cfc0106b68447789ff53793ac086/bundles/groupware/docs/CHANGES#L215 Use CVE-2014-1691. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJS6BBOAAoJEKllVAevmvmsxC0H/3N7rzO2EaPMilm2rVygcZe/ CEfkLhuu/85I5/4MZUkFE4dXkd5pn5pqFT5t4IgCxHGsoVK2q4sdHXGt1bLcPYjR 6V9EvwmI7X/HKeC6Ic3nomPSwiw+0FSuc7ofW0Yp/BbRmc5nLoNZiUhpGXv3A1wF IpEH7J5o9/gmRQilnA2pl/fnBzDdRrdFjM6lKr30ntTlguRAVVRUBpi1uKNwK3fz D1doE4/sixCmaF6qfT5VSJhnX1jOOz4bnpR2b8S5H0LSghiahCchTKVCtEiv/uAL snVOmJhVEAjYZ4mrk8410i6nTd0vri8QCe4qsR5E6zQEsKzazDBuTM1AZc533sE= =+xzP -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.