Debian Security Advisory

DLA-115-1 gosa -- LTS security update

Date Reported:
18 Dec 2014
Affected Packages:
gosa
Vulnerable:
Yes
Security database references:
No other external database security references currently available.
More information:

Fix XSS issue during login.

Fix authentication of GOsa² against the underlying LDAP server(s) via the gosa-admin DN (#768509).

For Debian 6 Squeeze, these issues have been fixed in gosa version 2.6.11-3+squeeze3.