Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories» Fedora » php-horde-Horde-Text-Filter 2.3.5 updates

php-horde-Horde-Text-Filter 2.3.5 updates

**Horde_Text_Filter 2.3.5** * [jan] SECURITY: Fix XSS via data:text/html content of form action and xlink attributes (Reported by Liuzhu).

  • Vendor: Fedora
  • Vendor ID: FEDORA-2016-58bc2a649a
  • Date: September 22, 2016


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-58bc2a649a
2016-09-21 21:32:42.175859
--------------------------------------------------------------------------------

Name : php-horde-Horde-Text-Filter
Product : Fedora 24
Version : 2.3.5
Release : 1.fc24
URL : http://pear.horde.org/
Summary : Horde Text Filter API
Description :
Common methods for fitering and converting text.

--------------------------------------------------------------------------------
Update Information:

**Horde_Text_Filter 2.3.5** * [jan] SECURITY: Fix XSS via data:text/html
content of form action and xlink attributes (Reported by Liuzhu).
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1375481 - php-horde: XSS with data:html links and form actions
https://bugzilla.redhat.com/show_bug.cgi?id=1375481
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update php-horde-Horde-Text-Filter' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »