[horde] Opinion on a reported bug report.

Michael J Rubinsky mrubinsk at horde.org
Thu Feb 24 17:21:59 UTC 2022


Indeed. I don't personally remember seeing this report before, which  
is not to say it's impossible that I missed it.  I'll carve out some  
time to investigate this soon.

Quoting ANANT S ATHAVALE <asa at ursc.gov.in>:

> Hi all,
>
> We came across a link which indicates that there is a security  
> bug/vulnerability with Horde.  It discusses about security  
> vulnerability in the feature that takes OpenOffice documents and  
> creates previews to show inside the browser window.
>
> https://therecord.media/unpatched-bug-allows-takeover-of-horde-webmail-accounts-servers/amp/
>
> I have serious doubts over this.  I have never observed that,  
> security bugs (if any), are not addressed by Horde Team.
>
> Sorry, if this query was already posted earlier.
>
> -- 
>      सादर धन्यवाद/ Thanks & Regards
>           अनंत / Anant
> ------------------------------------------------------------------------------
> IMPORTANT NOTE:
>
> ISRO Satellite Centre (ISAC) was renamed as U R Rao Satellite Centre (URSC).
> Hence, the existing domain (isac.gov.in) is changed to new domain ursc.gov.in
> resulting into change of e-mail address from user at isac.gov.in to  
> user at ursc.gov.in.
> Please note this change and update your contact details for new  
> domain (ursc.gov.in).
> ------------------------------------------------------------------------------
> Confidentiality Notice: This e-mail message, including any  
> attachments, is for
> the sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
> ------------------------------------------------------------------------------
>
> -- 
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org



-- 
mike
The Horde Project
http://www.horde.org
https://www.facebook.com/hordeproject
https://www.twitter.com/hordeproject
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 9272 bytes
Desc: PGP Public Key
URL: <https://lists.horde.org/archives/horde/attachments/20220224/5d47ca4b/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: PGP Digital Signature
URL: <https://lists.horde.org/archives/horde/attachments/20220224/5d47ca4b/attachment.sig>


More information about the horde mailing list