Debian Security Advisory

DLA-115-1 gosa -- LTS security update

Date Reported:

18 Dec 2014

Affected Packages:

gosa

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

Fix XSS issue during login.

Fix authentication of GOsa² against the underlying LDAP server(s) via the gosa-admin DN (See #768509).

For Debian 6 Squeeze, these issues have been fixed in gosa version 2.6.11-3+squeeze3.