[pkg-horde] [announce] Horde 3.1.8 (final)
Chuck Hagenbuch
chuck at horde.org
Fri Jun 13 22:04:00 UTC 2008
The Horde Team is pleased to announce the final release of the Horde
Application Framework version 3.1.8.
This is a security release that closes unescaped output in the object
browser. The hole is only exploitable by authenticated users.
The Horde Application Framework is a modular, general-purpose web application
framework written in PHP. It provides an extensive array of libraries that are
targeted at the common problems and tasks involved in developing modern web
applications.
Major changes compared to Horde 3.1.7 are:
* Escape item names in the object browser.
* Fix large messages being rendered empty with PHP 5.2.
The full list of changes (from version 3.1.7) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.312.2.5&r2=1.515.2.312.2.10&ty=h
The Horde 3.1.8 distribution is available from the following locations:
ftp://ftp.horde.org/pub/horde/horde-3.1.8.tar.gz
http://ftp.horde.org/pub/horde/horde-3.1.8.tar.gz
Patches against version 3.1.7 are available at:
ftp://ftp.horde.org/pub/horde/patches/patch-horde-3.1.7-3.1.8.gz
http://ftp.horde.org/pub/horde/patches/patch-horde-3.1.7-3.1.8.gz
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
95d207372f278b923e60e3adfac808b4 horde-3.1.8.tar.gz
17c4c7c02c373e6fcc2a692b93beae96 patch-horde-3.1.7-3.1.8.gz
Have fun!
The Horde Team.
--
Horde announcements mailing list
You are subscribed to this list as: pkg-horde-hackers at lists.alioth.debian.org
To unsubscribe, mail: announce-unsubscribe at lists.horde.org
More information about the pkg-horde-hackers
mailing list