Package name
Advisory ID
Affected versions
9.1 i586 , CS2.1 x86_64 , CS2.1 i586 , 9.0 i586 , 8.2 i586 , 9.1 i586 , 8.2 i586

Problem description

Several vulnerabilities were discovered in all versions of phpgroupware prior to This latest version fixes an exploitable condition in all versions that can be exploited remotely without authentication and can lead to arbitrary code execution on the web server. This vulnerability is being actively exploited. Version fixed several other vulnerabilities including cross-site scripting issues that can be exploited to obtain sensitive information such as authentication cookies. This update provides the latest stable version of phpgroupware and all users are encouraged to update immediately. In addition, you should also secure your installation by including the following in your Apache configuration files: Order allow,deny Deny from all

Updated packages

9.1 i586

 cc485c5da743cf51b6ccf1107900fe71  9.1/RPMS/phpgroupware-
677f92cdb16d28c917b52b987d9cd624  9.1/SRPMS/phpgroupware-

CS2.1 x86_64

 dee4d9ba7cdb6272510ce9f04c9cc680  x86_64/corporate/2.1/RPMS/phpgroupware-
c9dfffb31a2a1c344b8c67cde7fe69ec  x86_64/corporate/2.1/SRPMS/phpgroupware-

CS2.1 i586

 1d37698772164d1b7dea99c0aa2ffff0  corporate/2.1/RPMS/phpgroupware-
8646f3f726aa1a339228add0b3f9e880  corporate/2.1/SRPMS/phpgroupware-

9.0 i586

 3b6683106c78a61f734fab8126ab6744  9.0/RPMS/phpgroupware-
d9e56f354b6284a266dad2772e7885e4  9.0/SRPMS/phpgroupware-

8.2 i586

 226bcd29ec917089b4e65dfa1265f765  8.2/RPMS/phpgroupware-
68134085bff4f58997c2de32f434c0de  8.2/SRPMS/phpgroupware-

9.1 i586

 c3279ce51965449df7bdf747ff608f5a  ppc/9.1/RPMS/phpgroupware-
6ca256444ef59dff9cd74e4a00ec12a0  ppc/9.1/SRPMS/phpgroupware-

8.2 i586

 b4f3a11af929f95cdf934280c86a3bee  ppc/8.2/RPMS/phpgroupware-
cb78382d8c721e7aa9b984d61b9528b4  ppc/8.2/SRPMS/phpgroupware-