[announce] Horde 3.0.10 (final)

Jan Schneider jan at horde.org
Tue Mar 28 05:45:09 PST 2006


The Horde Team is releasing a critical security fix for the Horde Application
Framework versions 3.0 and above. Version 2.x and earlier releases are not
affected.

The Horde Application Framework is a modular, general-purpose web application
framework written in PHP.  It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
applications.

Changes compared to Horde 3.0.9 are:
    * Fix for remote code execution vulnerability in the help viewer,
      discovered by Jan Schneider from the Horde team.
    * Fixed a few minor bugs.

The full list of changes (from version 3.0.9) can be viewed here:

http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.167.2.16&r2=1.515.2.167.2.18&ty=h

The Horde 3.0.10 distribution is available from the following locations:

    ftp://ftp.horde.org/pub/horde/horde-3.0.10.tar.gz
    http://ftp.horde.org/pub/horde/horde-3.0.10.tar.gz

Patches against version 3.0.9 are available at:

    ftp://ftp.horde.org/pub/horde/patches/patch-horde-3.0.9-3.0.10.gz
    http://ftp.horde.org/pub/horde/patches/patch-horde-3.0.9-3.0.10.gz

Or, for quicker access, download from your nearest mirror:

    http://www.horde.org/mirrors.php

MD5 sums for the packages are as follows:

    MD5 (horde-3.0.10.tar.gz) = c6f9fd0e2e4d9898d31d2fcf8a2fe4c8
    MD5 (patch-horde-3.0.9-3.0.10.gz) = 071223bacc083ba62bdd30c32f964c54

Have fun!

The Horde Team.


More information about the announce mailing list