[announce] Horde Groupware 1.1.4 (final)
Jan Schneider
jan at horde.org
Wed Dec 10 17:22:27 UTC 2008
The Horde Team is pleased to announce the final release of the Horde Groupware
version 1.1.4.
This is a minor security release that adds another check to the (unused) XSS
filter for an Internet Explorer exploit and fixes unescaped output in the
address book test script. All users are encouraged to upgrade to this
version. In addition all users are encouraged to disable test.php in
production, per the install documentation.
Horde Groupware is a free, enterprise ready, browser based collaboration
suite. Users can manage and share calendars, contacts, tasks and notes
with the
standards compliant components from the Horde Project.
The major changes compared to the Horde Groupware version 1.1.3 are:
* Added another check to the XSS filter (only IE is vulnerable).
* Escape output in address book's test.php.
* Fixed included Date_Holiday package.
* Fixed configuration files upgrades.
* Fixed database generation on PostgreSQL.
The full list of changes (from version 1.1.3) can be viewed here:
http://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?r1=1.28&r2=1.28.2.2&ty=h
The Horde Groupware 1.1.4 distribution is available from the following
locations:
ftp://ftp.horde.org/pub/horde-groupware/horde-groupware-1.1.4.tar.gz
http://ftp.horde.org/pub/horde-groupware/horde-groupware-1.1.4.tar.gz
Patches against version 1.1.3 are available at:
ftp://ftp.horde.org/pub/horde-groupware/patches/patch-horde-groupware-1.1.3-1.1.4.gz
http://ftp.horde.org/pub/horde-groupware/patches/patch-horde-groupware-1.1.3-1.1.4.gz
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
d50566044963c68876a00f7954f497d4 horde-groupware-1.1.4.tar.gz
c4c2007e24a727413926ec9a4370afc5 patch-horde-groupware-1.1.3-1.1.4.gz
Have fun!
The Horde Team.
More information about the announce
mailing list