Information on source package php-horde

Available versions

ReleaseVersion
jessie5.2.1+debian0-2+deb8u3
jessie (security)5.2.1+debian0-2+deb8u5
stretch5.2.13+debian0-1
buster5.2.20+debian0-1
bullseye5.2.21+debian0-1
sid5.2.21+debian0-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-12095fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedHorde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ...
CVE-2019-12094vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableHorde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ...
CVE-2017-16907fixedvulnerable (no DSA)fixedfixedfixedIn Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...

Resolved issues

BugDescription
TEMP-0785364-25992BXSS in group administration
CVE-2016-2228Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_me ...
CVE-2015-7984Multiple cross-site request forgery (CSRF) vulnerabilities in Horde be ...
CVE-2013-6365Horde Groupware Web mail 5.1.2 has CSRF with requests to change permis ...
CVE-2013-6364Horde Groupware Webmail Edition has CSRF and XSS when saving search as ...
CVE-2013-1090The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership fo ...

Security announcements

DSA / DLADescription
DLA-2033-1php-horde - security update
DLA-1535-1php-horde - security update
DSA-3497-1php-horde - security update
DSA-3391-1php-horde - security update

Search for package or bug name: Reporting problems