Date: Mon, 7 Oct 2013 04:39:36 GMT From: Dewayne <dewayne.geraghty@heuristicsystems.com.au> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/182781: egroupware remote access vulnerability Message-ID: <201310070439.r974daLR035120@oldred.freebsd.org> Resent-Message-ID: <201310070440.r974e2HF080016@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 182781 >Category: ports >Synopsis: egroupware remote access vulnerability >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Oct 07 04:40:01 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Dewayne >Release: FreeBSD 9.2S >Organization: >Environment: >Description: egroupware has a remote access security vulnerability. Mitigated in version 1.8.05, identified at http://sourceforge.net/projects/egroupware/files/eGroupware-1.8/eGroupware-1.8.005.20131001/ Its difficult to ascertain what the actual problem is. The egroupware team have rated 9 CVE vulnerabilities since 2007 as low. It would be prudent to update the application. Ref: http://www.cvedetails.com/product/4141/Egroupware-Egroupware.html?vendor_id=2373 >How-To-Repeat: >Fix: In Makefile -PORTVERSION= 1.8.004.20130831 +PORTVERSION= 1.8.005.20131001 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310070439.r974daLR035120>