TITLE: Debian update for horde3 SECUNIA ADVISORY ID: SA19619 VERIFY ADVISORY: http://secunia.com/advisories/19619/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for horde3. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to disclose sensitive information or compromise a vulnerable system. For more information: SA17970 SA19246 SA19485 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge3.dsc Size/MD5 checksum: 628 7b66ee691ce42e8a50a072f82667be0b http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge3.diff.gz Size/MD5 checksum: 11630 20195835db40066033ddb80df5658740 http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4.orig.tar.gz Size/MD5 checksum: 3378143 e2221d409ba1c8841ce4ecee981d7b61 Architecture independent components: http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge3_all.deb Size/MD5 checksum: 3436640 eadf553e1f8d9117155dbb09fe1dec34 -- Debian GNU/Linux unstable alias sid -- Fixed in version 3.1.1-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1033 OTHER REFERENCES: SA17970: http://secunia.com/advisories/17970/ SA19246: http://secunia.com/advisories/19246/ SA19485: http://secunia.com/advisories/19485/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------