[ubuntu/jaunty-security] horde3_3.2.2+debian0-2+lenny2build0.9.04.1_i386_translations.tar.gz (delayed), horde3 3.2.2+debian0-2+lenny2build0.9.04.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Jan 19 22:03:28 GMT 2010 

horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low

  * fake sync from Debian

horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high

  * Non-maintainer upload by the security team
  * Fix several cross-site scripting vulnerabilities via crafted number
    preferences or inline MIME text parts when using text/plain as MIME
    type (horde ticket #8311 and #8399) (Issue was fixed in the previous
    version, but adjusting the conffile was missing)
    Fixes: CVE-2009-3237
  * Fix cross-site scripting vulnerability via data:text/html values in
    an HTML email message (horde ticket #8715)
    Fixes: CVE-2009-4363
  * Fix several cross-site scripting vulnerabilities via the PATH_INFO
    variable due to use of the PHP_SELF variable
    Fixes: CVE-2009-3701

Date: Tue, 19 Jan 2010 09:32:57 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Horde Maintainers <pkg-horde-hackers at lists.alioth.debian.org>
https://launchpad.net/ubuntu/jaunty/+source/horde3/3.2.2+debian0-2+lenny2build0.9.04.1
-------------- next part --------------
Format: 1.8
Date: Tue, 19 Jan 2010 09:32:57 -0600
Source: horde3
Binary: horde3
Architecture: source
Version: 3.2.2+debian0-2+lenny2build0.9.04.1
Distribution: jaunty-security
Urgency: high
Maintainer: Horde Maintainers <pkg-horde-hackers at lists.alioth.debian.org>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 horde3     - horde web application framework
Changes: 
 horde3 (3.2.2+debian0-2+lenny2build0.9.04.1) jaunty-security; urgency=low
 .
   * fake sync from Debian
 .
 horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix several cross-site scripting vulnerabilities via crafted number
     preferences or inline MIME text parts when using text/plain as MIME
     type (horde ticket #8311 and #8399) (Issue was fixed in the previous
     version, but adjusting the conffile was missing)
     Fixes: CVE-2009-3237
   * Fix cross-site scripting vulnerability via data:text/html values in
     an HTML email message (horde ticket #8715)
     Fixes: CVE-2009-4363
   * Fix several cross-site scripting vulnerabilities via the PATH_INFO
     variable due to use of the PHP_SELF variable
     Fixes: CVE-2009-3701
Checksums-Sha1: 
 39e310b6c4c4e8c846980afd86eb9019005caa03 1440 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
 f86aafe6e384f207743e5132cef515fa5e8b9c44 28150 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
Checksums-Sha256: 
 0cec11ec2fa9f77ee6cf08acd91d51179435a5d6da84ef9a0a33e68d4605a3e3 1440 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
 8e4c5a2edbbe1cc543c70744210c7d26d48e667ef5ac8e620696a74b6f670c69 28150 horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz
Files: 
 346fd3f01125b4a9adddb73e195a7e07 1440 web optional horde3_3.2.2+debian0-2+lenny2build0.9.04.1.dsc
 679113aab6340a160e5ef8b20422b53e 28150 web optional horde3_3.2.2+debian0-2+lenny2build0.9.04.1.diff.gz

More information about the Jaunty-changes mailing list