Bug#1012279: php-horde-turba: CVE-2022-30287
Hello together, On 2022-06-05 14:35 7, Salvatore Bonaccorso wrote: it looks that the force pushed commit two days ago adjusted two further create() -> createTrusted() stances in lib/Application.php, can you double check? functions backup and _restoreContact are only available on turba/master for future release. Best Regards, Juri Grabowski
Bug#955020: marked as pending in php-horde-form
Control: tag -1 pending Hello, Bug #955020 in php-horde-form reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/horde-team/php-horde-form/-/commit/f5298c4b3f2584dce8665d2b16e3d66d1fb4a179 SECURITY: Prevent ability to specify temporary filename (CVE-2020-8866) (Closes: #955020) (this message was generated automatically) -- Greetings https://bugs.debian.org/955020
Bug#806946: bindgraph
Hello,
I cannot reproduce it on sid with my settings:
cat <>/etc/bind/named.conf.options
logging {
channel querylog{
file "/var/log/bind9-query.log";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;}; };
EOF
in options section:
querylog yes;
install -D --group=adm --owner=bind --mode=0640 /dev/null
/var/log/bind9-query.log
service bind9 restart
service bindgraph restart
a2enmod cgi
service apache2 restart
serve http://$FQDN/cgi-bin/bindgraph.cgi
Best Regards,
Juri Grabowski
