Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4afaa516 by Tobias Frost at 2024-10-18T17:41:37+02:00 CVE-2022-30287/php-horde-turby Note that upstream has an issue and needs an additional patch See the comment in https://github.com/horde/turba/commit/0d1e74802dd2ff8758c5b1dd5323a0101d49897d#r75492719 Mentioned change for 4.2.27 is: https://github.com/horde/turba/commit/006affc530966704937c55611fadb1669026b9f6 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -196817,6 +196817,7 @@ CVE-2022-30287 (Horde Groupware Webmail Edition through 5.2.22 allows a reflecti NOTE: https://lists.horde.org/archives/horde/Week-of-Mon-20220530/059225.html NOTE: Possible alternative patch: https://github.com/horde/turba/pull/7 NOTE: Fixed by: https://github.com/horde/turba/commit/0d1e74802dd2ff8758c5b1dd5323a0101d49897d (v4.2.26) + NOTE: regression in above patch, needs https://github.com/horde/turba/commit/006affc530966704937c55611fadb1669026b9f6 NOTE: Fixed by: https://github.com/horde/turba/commit/3bccab322af4ae96d5925f0ce9f9af0978af924b (v4.2.26) CVE-2022-30286 (pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 ...) NOT-FOR-US: pyscriptjs View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4afaa516a231813838ec8e5d6eb0f65b97172306 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4afaa516a231813838ec8e5d6eb0f65b97172306 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
