[Git][security-tracker-team/security-tracker][master] CVE-2022-30287/php-horde-turba: fix commits, actually reference 4.2.x branch...

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Tue Apr 1 22:25:29 BST 2025 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eaa9224a by Sylvain Beucler at 2025-04-01T23:25:19+02:00
CVE-2022-30287/php-horde-turba: fix commits, actually reference 4.2.x branch rather than 5.0alpha + missing fix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -250179,9 +250179,10 @@ CVE-2022-30287 (Horde Groupware Webmail Edition through 5.2.22 allows a reflecti
 	NOTE: https://blog.sonarsource.com/horde-webmail-rce-via-email/
 	NOTE: https://lists.horde.org/archives/horde/Week-of-Mon-20220530/059225.html
 	NOTE: Possible alternative patch: https://github.com/horde/turba/pull/7
-	NOTE: Fixed by: https://github.com/horde/turba/commit/0d1e74802dd2ff8758c5b1dd5323a0101d49897d (v4.2.26)
+	NOTE: Fixed by: https://github.com/horde/turba/commit/bc53d856ca87656cdc6e5fafd54f2360eb247e24 (v4.2.26)
 	NOTE: Followup bugfix: https://github.com/horde/turba/commit/006affc530966704937c55611fadb1669026b9f6 (v4.2.27)
-	NOTE: Fixed by: https://github.com/horde/turba/commit/3bccab322af4ae96d5925f0ce9f9af0978af924b (v4.2.26)
+	NOTE: Fixed by: https://github.com/horde/turba/commit/69f67882539aa0909c3c8c15e37407e0aaa18d1c (v4.2.26)
+	NOTE: Fixed by: https://github.com/horde/turba/commit/f09285c54673cd3d71d92a8c56da0a2c5ff329ce (v4.2.28)
 CVE-2022-30286 (pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04  ...)
 	NOT-FOR-US: pyscriptjs
 CVE-2022-30285 (In Quest KACE Systems Management Appliance (SMA) through 12.0, a hash  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eaa9224a96c571900d99cea1f9414da340840c8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eaa9224a96c571900d99cea1f9414da340840c8c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250401/9f9fd79c/attachment.htm>

More information about the debian-security-tracker-commits mailing list