Package: php-horde-text-filter / 2.3.5-3+deb10u2

Metadata

Package Version Patches format
php-horde-text-filter 2.3.5-3+deb10u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001_protect_the_ _this_is_not_a_range.patch | (download)

Horde_Text_Filter-2.3.5/lib/Horde/Text/Filter/Emails.php | 2 1 + 1 - 0 !
Horde_Text_Filter-2.3.5/lib/Horde/Text/Filter/Linkurls.php | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 
 protect the -, this is not a range
 Makes regular expressions valid...
CVE 2021 26929.patch | (download)

Horde_Text_Filter-2.3.5/lib/Horde/Text/Filter/Emails.php | 23 17 + 6 - 0 !
Horde_Text_Filter-2.3.5/lib/Horde/Text/Filter/Linkurls.php | 26 22 + 4 - 0 !
Horde_Text_Filter-2.3.5/lib/Horde/Text/Filter/Text2html.php | 13 8 + 5 - 0 !
Horde_Text_Filter-2.3.5/test/Horde/Text/Filter/Text2htmlTest.php | 6 4 + 2 - 0 !
4 files changed, 51 insertions(+), 17 deletions(-)

 
 [patch] [mjr] security: fix xss via text2html filter

Reported by: Alex Birnberg<birnbergalex@gmail.com, CVE-2021-26929