[Full-disclosure] Re: [USN-147-1] PHP XMLRPC vulnerability
Jan Schneider
jan at horde.org
Fri Jul 8 10:14:21 BST 2005
Zitat von Martin Pitt <martin.pitt at canonical.com>:
> Please note that many applications contain a copy of the affected
> XMLRPC code,
> which must be fixed separately. The following packages may also be affected,
> but are unsupported in Ubuntu:
>
> - drupal
> - wordpress
> - phpwiki
> - horde3
> - ewiki
> - egroupware
> - phpgroupware
To avoid confusion, I want to make clear that Horde applications are
NOT affected by this vulnerability because we don't use the vulnerable
software. I would appreciate if such statements would be cross checked
with the projects before releasing them to the public.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
Full-Disclosure is hosted and sponsored by Secunia.