[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Security updates for horde packages


Two days ago (if I remember correctly) I uploaded a number
of horde packages that had an cross site scripting vulnerability
in them. As the packages is now frozen I want them to be forced
in to sarge.

The pacakges are:
kronolith, #307170, CAN-2005-1314
sork-accounts, #307175, CAN-2005-1318
sork-forwards, #307175, CAN-2005-1318
sork-vacation, #307174, CAN-2005-1318
turba, #307179, CAN-2005-1315

You will notice that all of these uploads are of new upstream
version. The upstream changes is small and in some cases just
contain this fix. All these versions are stable from a upstream
perspective so it should be safe to push them into sarge.

I have also uploaded a new version of imp4 with a number of
fixes from upstream. If you think that is acceptable it would be
very nice if you could push that in too. But this is up to you
to decide.


// Ola

 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Annebergsslingan 37      \
|  opal@lysator.liu.se                 654 65 KARLSTAD          |
|  +46 (0)54-10 14 30                  +46 (0)70-332 1551       |
|  http://www.opal.dhs.org             UIN/icq: 4912500         |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /

Reply to: