[announce] IMP 4.2.2 (final)
Chuck Hagenbuch
chuck at horde.org
Tue Jan 27 15:31:57 UTC 2009
The Horde Team is pleased to announce the final release of the IMP Webmail
Client version H3 (4.2.2).
This is a minor security release that fixes unescaped output in several
scripts. All users are encouraged to upgrade to this release. Thanks to Gunnar
Wrobel for finding these issues in a code audit.
IMP, the Internet Messaging Program, is one of the most popular webmail
applications available. It allows universal, web-based access to IMAP and
POP3 mail servers and provides a full range of features normally found only in
desktop email clients.
The major changes compared to IMP version H3 (4.2.1) are:
* SECURITY: Escape output in message.php, pgp.php and smime.php
The full list of changes (from version 4.2.1) can be viewed here:
http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.699.2.301.2.1&r2=1.699.2.301.2.4&ty=h
The IMP 4.2.2 distribution is available from the following locations:
ftp://ftp.horde.org/pub/imp/imp-4.2.2.tar.gz
http://ftp.horde.org/pub/imp/imp-4.2.2.tar.gz
Patches against version 4.2.1 are available at:
ftp://ftp.horde.org/pub/imp/patches/patch-imp-4.2.1-4.2.2.gz
http://ftp.horde.org/pub/imp/patches/patch-imp-4.2.1-4.2.2.gz
NOTE: Patches do not contain differences between files containing binary data.
These files will need to be updated via the distribution files.
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
1634c812dcdb47b4ff599287db437965 imp-4.2.2.tar.gz
f6b5d897396a4c466d183c5c49e69e38 patch-imp-4.2.1-4.2.2.gz
Have fun!
The Horde Team.
More information about the announce
mailing list