Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Jan 2014 10:10:19 +0000
From: Pedro Ribeiro <>
Cc: Jan Schneider <>, Salvatore Bonaccorso <>, 
	Seth Arnold <>,,,
Subject: Remote code execution in horde < 5.1.1


There is a remote code execution bug in horde affecting all versions from
at least horde 3.1.x to 5.1.1.
This has been fixed in commit
Also check changelog

Can you please assign a CVE for this issue?

Thanks in advance.

PS: while I discovered this bug independently reviewing horde3 code, the
full credit should go to the horde maintainers as they discovered and fixed
it first on horde5.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ