[pkg-horde] [announce] Horde Groupware 1.2.7 (final)
Jan Schneider
jan at horde.org
Tue Sep 28 21:11:27 UTC 2010
The Horde Team is pleased to announce the final release of the Horde Groupware
version 1.2.7.
Horde Groupware is a free, enterprise ready, browser based collaboration
suite. Users can manage and share calendars, contacts, tasks and notes
with the
standards compliant components from the Horde Project.
Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability.
Thanks to Secunia for releasing an advisory for the new CSRF protection in the
preference interface http://secunia.com/advisories/39860.
The major changes compared to the Horde Groupware version 1.2.6 are:
* Fixed XSS vulnerability in util/icon_browser.php.
* Protected preference forms against CSRF attacks.
* Minor bug fixes and improvements.
* Updated Estonian translation.
The full list of changes (from version 1.2.6) can be viewed here:
http://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?rt=horde&r1=1.38.2.11&r2=1.38.2.13&ty=h
The Horde Groupware 1.2.7 distribution is available from the following
locations:
ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.7.tar.gz
http://ftp.horde.org/pub/horde-groupware/horde-groupware-1.2.7.tar.gz
Patches against version 1.2.6 are available at:
ftp://ftp.horde.org/pub/horde-groupware/patches/patch-horde-groupware-1.2.6-1.2.7.gz
http://ftp.horde.org/pub/horde-groupware/patches/patch-horde-groupware-1.2.6-1.2.7.gz
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
fdc202a141c1ed1bddb383da35b9b6e8 horde-groupware-1.2.7.tar.gz
cb20a1313bd033e7ec66839b962e57f7 patch-horde-groupware-1.2.6-1.2.7.gz
Have fun!
The Horde Team.
--
Horde announcements mailing list
You are subscribed to this list as: pkg-horde-hackers at lists.alioth.debian.org
To unsubscribe, mail: announce-unsubscribe at lists.horde.org
More information about the pkg-horde-hackers
mailing list