[announce] [SECURITY] Kronolith H3 (2.0.7) (final)

Jan Schneider jan at horde.org
Wed Nov 29 03:50:52 PST 2006

The Horde Team is pleased to announce the final release of the Kronolith
Calendar Application version H3 (2.0.7).

This is a security release. All users are strongly advised to upgrade as soon
as possible. Thanks to iDefense for the vulnerability report.

Kronolith is the Horde calendar application.  It provides web-based calendars
backed by a SQL database, the MCAL library, or a Kolab server.  Supported
features include shared calendars, remote calendars, meeting management,
alarms, recurring events, and a sophisticated day/week view which handles
arbitrary numbers of overlapping events.

Major changes compared to the Kronolith version H3 (2.0.6) are:
    * Close arbitrary file inclusion in free/busy views.

The full list of changes (from version H3 (2.0.6)) can be viewed here:


The Kronolith H3 (2.0.7) distribution is available from the following locations:


Patches against version H3 (2.0.6) are available at:


Or, for quicker access, download from your nearest mirror:


MD5 sums for the packages are as follows:

    83461e8e9bee92a4417b46aeb52a85db  kronolith-h3-2.0.7.tar.gz
    6808bba984f084b7d4b2dfee9b5ac195  patch-kronolith-h3-2.0.6-h3-2.0.7.gz

Have fun!

The Horde Team.

More information about the announce mailing list