Register | Log in

php-horde-crypt

Horde Cryptography API

Choose email to subscribe with

general

source: php-horde-crypt (source, php)
version: 2.7.9-1
maintainer: Horde Maintainers (archive) [DMD]
uploaders: Mathieu Parent [DMD]
arch: all
std-ver: 3.9.8
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.5.0-5
stable: 2.7.8-1
testing: 2.7.9-1
unstable: 2.7.9-1

versioned links

2.5.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

php-horde-crypt

action needed

2 security issues in jessie

high

There are 2 open security issues in jessie.

2 important issues:

CVE-2017-7414: In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it.
CVE-2017-7413: In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.

Please fix them.

Created: 2017-04-05 Last update: 2017-07-07 07:32

Standards version of the package is outdated.

high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.0.0 instead of 3.9.8).

Created: 2017-07-02 Last update: 2017-07-02 01:05

lintian reports 1 warning

normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2017-07-02 Last update: 2017-07-02 01:16

news

[2017-07-07] php-horde-crypt 2.7.9-1 MIGRATED to testing (Debian testing watch)
[2017-07-01] Accepted php-horde-crypt 2.7.9-1 (source all) into unstable (Mathieu Parent)
[2017-06-02] php-horde-crypt 2.7.8-1 MIGRATED to testing (Debian testing watch)
[2017-05-28] php-horde-crypt 2.7.5-2 MIGRATED to testing (Debian testing watch)
[2017-05-27] Accepted php-horde-crypt 2.7.8-1 (source all) into unstable (Mathieu Parent)
[2017-05-03] Accepted php-horde-crypt 2.7.5-2 (source all) into unstable (Mathieu Parent)
[2016-12-29] php-horde-crypt 2.7.5-1 MIGRATED to testing (Debian testing watch)
[2016-12-18] Accepted php-horde-crypt 2.7.5-1 (source all) into unstable (Mathieu Parent)
[2016-06-13] php-horde-crypt 2.7.3-2 MIGRATED to testing (Debian testing watch)
[2016-06-08] Accepted php-horde-crypt 2.7.3-2 (source all) into unstable (Mathieu Parent)
[2016-04-11] php-horde-crypt 2.7.3-1 MIGRATED to testing (Debian testing watch)
[2016-04-05] Accepted php-horde-crypt 2.7.3-1 (source all) into unstable (Mathieu Parent)
[2016-04-01] php-horde-crypt 2.7.2-1 MIGRATED to testing (Debian testing watch)
[2016-03-26] Accepted php-horde-crypt 2.7.2-1 (source all) into unstable (Mathieu Parent)
[2016-03-19] php-horde-crypt 2.7.0-2 MIGRATED to testing (Debian testing watch)
[2016-03-13] Accepted php-horde-crypt 2.7.0-2 (source all) into unstable (Mathieu Parent)
[2016-02-09] php-horde-crypt 2.7.0-1 MIGRATED to testing (Debian testing watch)
[2016-02-03] Accepted php-horde-crypt 2.7.0-1 (source all) into unstable (Mathieu Parent)
[2015-10-28] php-horde-crypt 2.6.1-2 MIGRATED to testing (Britney)
[2015-10-23] Accepted php-horde-crypt 2.6.1-2 (source all) into unstable (Mathieu Parent)
[2015-09-22] php-horde-crypt 2.6.1-1 MIGRATED to testing (Britney)
[2015-09-17] Accepted php-horde-crypt 2.6.1-1 (source all) into unstable (Mathieu Parent)
[2015-08-15] php-horde-crypt 2.6.0-1 MIGRATED to testing (Britney)
[2015-08-09] Accepted php-horde-crypt 2.6.0-1 (source all) into unstable (Mathieu Parent)
[2015-05-11] php-horde-crypt 2.5.3-1 MIGRATED to testing (Britney)
[2015-05-04] Accepted php-horde-crypt 2.5.3-1 (source all) into unstable (Mathieu Parent)
[2014-10-27] php-horde-crypt 2.5.0-5 MIGRATED to testing (Britney)
[2014-10-16] Accepted php-horde-crypt 2.5.0-5 (source all) into unstable (Mathieu Parent)
[2014-10-11] Accepted php-horde-crypt 2.5.0-4 (source all) into unstable (Mathieu Parent)
[2014-09-19] php-horde-crypt 2.5.0-3 MIGRATED to testing (Britney)

1
2

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.9-1

Debian Package Tracker — Copyright 2013-2016 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Git Repository — How to contribute