[Users] Zimbra OpenPGP Zimlet 2.5.2 security update
Barry De Graaff
barrydg at zetalliance.org
Thu May 26 19:41:15 CEST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
In a process of re-reading all current code, I found a piece of legacy code in clear-signed messages
verify function that would allow unsafe html to be executed in the browser.
Kindly upgrade to the latest version ASAP.
Kind regards,
Barry de Graaff
Zeta Alliance Founder
www.zetalliance.org
Skype: barrydegraaff.tk
Fingerprint: 9e0e165f06b365ee1e47683e20f37303c20703f8
-----BEGIN PGP SIGNATURE-----
Version: OpenPGP.js v2.3.0
Comment: http://openpgpjs.org
wsFcBAEBCAAQBQJXRzU4CRAg83MDwgcD+AAAfC0P/2duEqj/JIlusEhP9gqa
MnoDDdAuFTUMJ/1D1hLwd2Sky6ZRwWSHEPA3yO77nrJT27nMiYjYXWB1Ctt5
Y/nOUQwGFUNpYIzRn1dUTzEj2BjfsnZkaiWcRrMSxyzDsP+iXg4I0GKVS109
i5jNq9Z6vuPoq7OE87kRp3fFgb/yVO/bbGfF2yAe5I8T5IvWAEXKvndJI9NG
sEQ3hjxheclObzwk9kJAyTCFppipk+X6QPdy+zhUV4VNhMItLICsFj63tj50
BWxiJIHKgxX+5EO6O9xo6k2yDwEQVlxIVG/vOO3ZZ9E2QUXCRZUOfCseV2/6
WY88jz5Pm3LOGb4i5vtKpW0FzjpnmyXYitiUD5NjNht0rPAVbX2ocss6ULZh
prv0ZhXiMRPibno8ELsv9FhvpmSvdGs7PkPq4s8239z0b7JKKjzXBs8EtOU1
LOMXo8Ia4T8Q3X/6TQS80i8R3KBj3eYTdk2TxwzawmL+q1/uyH9SwG3MnrcK
GeL6F1dDfmu9Mw9NfbO5cGv0Z0OI4WtW1Ag1Hhq4gKIEkFajk6RBoQedoIi1
Zr934hfkAzjDgnYvxRJgKV3ShLAQUImy/udu+H4eB4st4U1PTrUUigYKdb/H
NiwLH0W/GWjdeT1+UQeVLvDuVDtjOOiK75SVt0G9rfjqrPQ2cch7ljoeKkY3
AeGD
=YiDE
-----END PGP SIGNATURE-----
More information about the Users
mailing list