A php-horde-Horde-Form security update has been released for Fedora 30.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-a69f99bc67
2020-03-16 22:04:27.466615
--------------------------------------------------------------------------------
Name : php-horde-Horde-Form
Product : Fedora 30
Version : 2.0.20
Release : 1.fc30
URL : http://pear.horde.org
Summary : Horde Form API
Description :
The Horde_Form package provides form rendering, validation, and other
functionality for the Horde Application Framework.
--------------------------------------------------------------------------------
Update Information:
**Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary
filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro
Zero Day Initiative).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 9 2020 Remi Collet - 2.0.20-1
- update to 2.0.20
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-a69f99bc67' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys