[announce] [SECURITY] Horde 5.2.8 (final)
Michael J Rubinsky
mrubinsk at horde.org
Wed Oct 21 02:25:35 UTC 2015
The Horde Team is pleased to announce the final release of the Horde
Application Framework version 5.2.8.
The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites.
For more
information on Horde or the Horde Groupware suites, visit
http://www.horde.org.
For upgrading instructions, please see
http://www.horde.org/apps/horde/docs/UPGRADING
For detailed installation and configuration instructions, please see
http://www.horde.org/apps/horde/docs/INSTALL
Thanks to High-Tech Bridge Security Research <advisory at htbridge.ch> for
reporting the CSRF vulnerability.
The major changes compared to the Horde version 5.2.7 are:
* Protect against CSRF attacks on various admin pages.
* Configuration support for version 2 of WorldWeatherOnline's API
* Small bugfixes and improvements.
The full list of changes can be viewed here:
https://github.com/horde/horde/blob/54b48f1499bf319d9a784a6b661ba17e7a578e9b/horde/docs/CHANGES
Have fun!
The Horde Team.
More information about the announce
mailing list