On Tue, 2005-07-05 at 12:05 +1000, Dave Hall wrote: > Hi all, > > All phpGroupWare versions earlier than 0.9.16.006 have an arbitrary code > execution vulnerability, as outlined in the upstream annoucement - see > CAN-2005-1921
Correction it is SA15852 - http://secunia.com/advisories/15852/ not CAN-2005-1921, we don't use PEAR XML-RPC. Sorry for the confusion. Cheers Dave -- Dave Hall (aka skwashd) API Coordinator phpGroupWare ------------------------------------------------------------------------- Do you think if Bill Gates got laid in high school, do you think there'd be a Microsoft? Of course not. Underwear Goes Inside The Pants by Lazy Boy _______________________________________________ Phpgroupware-developers mailing list Phpgroupware-developers@gnu.org http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
