FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

radicale -- multiple vulnerabilities

Affected packages
py27-radicale < 1.1
py32-radicale < 1.1
py33-radicale < 1.1
py34-radicale < 1.1

Details

VuXML ID ff824eea-c69c-11e5-96d6-14dae9d210b8
Discovery 2015-12-24
Entry 2016-01-29

Radicale reports:

The multifilesystem backend allows access to arbitrary files on all platforms.

Prevent regex injection in rights management.

References

CVE Name CVE-2015-8747
CVE Name CVE-2015-8748
URL http://www.openwall.com/lists/oss-security/2016/01/06/4