Horde IMP HTML+TIME HTML Injection Vulnerability

Horde IMP HTML+TIME HTML Injection Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

Gentoo has released an advisory (GLSA 200408-07) to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:

emerge sync
emerge -pv ">=horde-imp-3.2.5"
emerge ">=horde-imp-3.2.5"

Horde Project IMP 3.0

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.1

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.1.2

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.2

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.2.1

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.2.2

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.2.3

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz

Horde Project IMP 3.2.4

Horde imp-3.2.5.tar.gz
ftp://ftp.horde.org/pub/imp/imp-3.2.5.tar.gz