[horde] another security issue discovered in Horde ref. CVE-2022-30287
Jens Wahnes
wahnes at uni-koeln.de
Tue Jun 14 10:39:54 UTC 2022
Michael J Rubinsky wrote:
> 4.2.28 should fix the remaining regressions. My advice is to upgrade,
> and not apply any other patches at this time.
Unfortunately, it does not fix the issue on our site. Like Jos pointed
out, the issue with frequent "$config must be an array" messages being
logged and some user unable to access their emails remains with Turba
4.2.28. The email issue seems to be manifesting itself especially when
double clicking a message in dynamic mode in Imp to open it in a new window.
Jens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5324 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.horde.org/archives/horde/attachments/20220614/1960ae3d/attachment.bin>
More information about the horde
mailing list