[pkg-horde] [announce] Horde 3.1.8 (final)
chuck at horde.org
Fri Jun 13 22:04:00 UTC 2008
The Horde Team is pleased to announce the final release of the Horde
Application Framework version 3.1.8.
This is a security release that closes unescaped output in the object
browser. The hole is only exploitable by authenticated users.
The Horde Application Framework is a modular, general-purpose web application
framework written in PHP. It provides an extensive array of libraries that are
targeted at the common problems and tasks involved in developing modern web
Major changes compared to Horde 3.1.7 are:
* Escape item names in the object browser.
* Fix large messages being rendered empty with PHP 5.2.
The full list of changes (from version 3.1.7) can be viewed here:
The Horde 3.1.8 distribution is available from the following locations:
Patches against version 3.1.7 are available at:
Or, for quicker access, download from your nearest mirror:
MD5 sums for the packages are as follows:
The Horde Team.
Horde announcements mailing list
You are subscribed to this list as: pkg-horde-hackers at lists.alioth.debian.org
To unsubscribe, mail: announce-unsubscribe at lists.horde.org
More information about the pkg-horde-hackers