[pkg-horde] Bug#659392: Some information
micah at riseup.net
Wed Feb 15 00:22:29 UTC 2012
I've been trying to figure out if this issue affects stable.
The issues point to this openwall post:
which has actual git commits for things.
CVE-2012-0791 has a simple changeset:
it touches two files:
neither of these files is in horde3 or imp4 that is in Squeeze.
For the other issue CVE-2012-0909, that seems to affect Squeeze's IMP,
and a changeset between version 4.3.10 and 4.3.11 was published here:
Squeeze has 4.3.7 - I've looked at the changeset above with a co-worker
and it does not look too hard to port to the debian version. We'll do so
in the next couple of days if nobody else does first.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 835 bytes
Desc: not available
More information about the pkg-horde-hackers