Date: Thu, 21 Sep 2017 20:03:51 +0200 From: Thomas Jarosch <thomas.jarosch@...ra2net.com> To: oss-security@...ts.openwall.com Subject: Re: CVE request: code execution in Horde_Image 2.0.0 to 2.5.1 > This vulnerability affects all > versions of Horde_Image from 2.0.0 to 2.5.1. > > A fixed version of the Horde_Image (version 2.5.2) library has already > been released and everybody is advised to upgrade to Horde_Image 2.5.2 > as soon as possible. the issue has been assigned CVE-2017-14650. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14650 Best regards, Thomas Jarosch / Intra2net AG
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ