ports/182781: egroupware remote access vulnerability
Dewayne
dewayne.geraghty at heuristicsystems.com.au
Mon Oct 7 04:40:02 UTC 2013
>Number: 182781
>Category: ports
>Synopsis: egroupware remote access vulnerability
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 07 04:40:01 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Dewayne
>Release: FreeBSD 9.2S
>Organization:
>Environment:
>Description:
egroupware has a remote access security vulnerability. Mitigated in version 1.8.05, identified at
http://sourceforge.net/projects/egroupware/files/eGroupware-1.8/eGroupware-1.8.005.20131001/
Its difficult to ascertain what the actual problem is. The egroupware team have rated 9 CVE vulnerabilities since 2007 as low.
It would be prudent to update the application.
Ref:
http://www.cvedetails.com/product/4141/Egroupware-Egroupware.html?vendor_id=2373
>How-To-Repeat:
>Fix:
In Makefile
-PORTVERSION= 1.8.004.20130831
+PORTVERSION= 1.8.005.20131001
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list