Secunia Security Advisory - Debian has issued an update for horde2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
7d922ce58d22aac9461631dc9d2072c027b803177eab377c5b4a3bf5a9db5ae7
TITLE:
Debian update for horde2
SECUNIA ADVISORY ID:
SA17794
VERIFY ADVISORY:
http://secunia.com/advisories/17794/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
DESCRIPTION:
Debian has issued an update for horde2. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
For more information:
SA17468
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 3.1 alias sarge --
Source archives:
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1.dsc
Size/MD5 checksum: 575 fc3d76af255dd93e839ed24cf7c3ba84
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1.diff.gz
Size/MD5 checksum: 38308 d87c50a15c7133ba4ca29d99c77d5da1
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8.orig.tar.gz
Size/MD5 checksum: 683005 89961af4e4488a908147d7b3a0dc3b44
Architecture independent components:
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1_all.deb
Size/MD5 checksum: 721182 761d84ac7f89eef150fa21c8b0c79541
-- Debian GNU/Linux unstable alias sid --
Fixed in version 2.2.9-1.
ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-914
OTHER REFERENCES:
SA17468:
http://secunia.com/advisories/17468/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------