http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1474 FE5 only; FE6+ have already been updated to 3.1.4.
Fixed in horde-3.1.4-1.fc[567]