-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : collabtive Version : 2.0+dfsg-5+deb8u1 CVE ID : CVE-2015-0258
An issue has been found in collabtive, a web-based project management software. Due to missing checks an attacker could upload scripts, which
would execute code on the server by accessing for example avatar images. For Debian 8 "Jessie", this problem has been fixed in version 2.0+dfsg-5+deb8u1. We recommend that you upgrade your collabtive packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl5Zk65fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEefzxAAiBFzuD0Qm9qNmE1x+lfyVDe12M847akKIUSwhTDS43lYWzFyUbAvVcO8 BX5Y651yamGPuloI6i9/GhJtW2DO7sEwl2CKeVrjF1gb2y3ja/Gb0L7WLKsI9Buf rM5p4qbhQi4yPWkhfvmMXrZHOJGkshNAV0zr+yHroMUZYCrDAcw+Uf+szb4qfr/C QB56FqMBQLkp419RaKvBfBqpDEd5nwxBMtQtgHk1qxxJbcG7rM/ehoCCMIszg3VO yDhbm4TT7SruB0h/EN3+58iSt24+2XtTKzOxepkWgHEWDns+7K5nQKHZxQzAwv94 T+4n2qNsKjJFLxFACt4qBFyJkLe+R2S3i0LuArXUVG8wHi0+EWVsp/vGzhE0PHq8 cjzs6NFfLHK3Gw1ITof8J/upGTdC9kwfdopnW00WozwYAg7wZUqpfOdinR88mXc9 Zys+ZTPEOUvCvgM7vr6PGUQu/GIZeAvRSUKCEOq62BL2YsuzZzY+0exFb7pKHbL+ w5imH5atQoNQyIctjjeuXgT+b4Tyi1Ao0Z17xHxt8DIE9BZ/XrvULS7dLA2Vdfxn UK29Tpv5Xk9lNKWelay9yRvVzrAlbkXuz6gWNq2qWv4wrZ8hbiS6pUYGPhEFqPU7 HoQJ7/4zmP8BmKL1I++93RB/+XRHnSJ3BvRPwtBrWcW6NLrHq8k= =2RvP -----END PGP SIGNATURE-----
