[pkg-horde] [announce] Horde Groupware Webmail Edition 1.2.7 (final)
Jan Schneider
jan at horde.org
Tue Sep 28 21:36:48 UTC 2010
The Horde Team is pleased to announce the final release of the Horde Groupware
Webmail Edition version 1.2.7.
Horde Groupware Webmail Edition is a free, enterprise ready, browser based
communication suite. Users can read, send and organize email messages with
three different webmail interfaces and manage and share calendars, contacts,
tasks and notes with the standards compliant components from the Horde
Project.
Thanks to Naumann IT Security Consulting for reporting the XSS
vulnerabilities.
Thanks to Secunia for releasing an advisory for the new CSRF protection in the
preference interface http://secunia.com/advisories/39860.
The major changes compared to the Horde Groupware Webmail Edition
version 1.2.6
are:
* Fixed an XSS vulnerability in util/icon_browser.php.
* Fixed an XSS vulnerability in the Fetchmail configuration.
* Fixed an XSS vulnerability when showing mailbox names.
* Protected preference forms against CSRF attacks.
* Bug fixes in the IMAP and Procmail filter drivers.
* Minor bug fixes and improvements.
* Updated Estonian translation.
The full list of changes (from version 1.2.6) can be viewed here:
http://cvs.horde.org/diff.php/groupware/docs/webmail/CHANGES?rt=horde&r1=1.35.2.11&r2=1.35.2.13&ty=h
The Horde Groupware Webmail Edition 1.2.7 distribution is available
from the following locations:
ftp://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.7.tar.gz
http://ftp.horde.org/pub/horde-webmail/horde-webmail-1.2.7.tar.gz
Patches against version 1.2.6 are available at:
ftp://ftp.horde.org/pub/horde-webmail/patches/patch-horde-webmail-1.2.6-1.2.7.gz
http://ftp.horde.org/pub/horde-webmail/patches/patch-horde-webmail-1.2.6-1.2.7.gz
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
2bf6e8b8f4eda57ab9aafa0597860cc6 horde-webmail-1.2.7.tar.gz
94d6aa4e59dfbb1b69b205e9c2195508 patch-horde-webmail-1.2.6-1.2.7.gz
Have fun!
The Horde Team.
--
Horde announcements mailing list
You are subscribed to this list as: pkg-horde-hackers at lists.alioth.debian.org
To unsubscribe, mail: announce-unsubscribe at lists.horde.org
More information about the pkg-horde-hackers
mailing list