Package: horde3 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for horde3.
CVE-2008-3650[0]: | Multiple unspecified vulnerabilities in Horde Groupware Webmail before | Edition 1.1.1 (final) have unknown impact and attack vectors related | to "unescaped output," possibly cross-site scripting (XSS), in the (1) | object browser and (2) contact view. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Please see the upstream announcement[1] for further information. If the horde code appears to be vulnerable, I believe we have to check all the other packages including code copies as well :/ Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3650 http://security-tracker.debian.net/tracker/CVE-2008-3650 [1] http://lists.horde.org/archives/announce/2008/000420.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]