[announce] Horde Groupware 1.2.5 (final)
jan at horde.org
Wed Dec 16 23:50:47 UTC 2009
The Horde Team is pleased to announce the final release of the Horde Groupware
This is a bugfix release that also fixes an XSS vulnerability in the
administration interface and improves the XSS filter to work around an XSS
vulnerability in Firefox browsers.
Thanks to Juan Galiana Lara and Daniel FernÃ¡ndez Bleda from Internet Security
Auditors for finding the XSS vulnerability in the administration interface.
Horde Groupware is a free, enterprise ready, browser based collaboration
suite. Users can manage and share calendars, contacts, tasks and notes
standards compliant components from the Horde Project.
The major changes compared to the Horde Groupware version 1.2.4 are:
* Fixed XSS vulnerability in administrator scripts.
* Several synchronization improvements.
* Improved Oracle and MSSQL compatibility.
* Fixed access keys on Mac browsers.
* Fixed "white screen" issue with Internet Explorer.
* Added preference for the name format to use for sorting contacts.
* Support X-ANNIVERSARY, X-CHILDREN, and X-SPOUSE vCard fields.
* Correctly track contact deletions during synchronization.
* Fixed edge cases of weekly recurring events.
* Fixed editing URLs of remote calendars.
* Some speed improvements in the calendar.
* Fixed importing task due dates.
* Added Croatian translation.
* Many further bug fixes and feature enhancements.
The full list of changes (from version 1.2.4) can be viewed here:
The Horde Groupware 1.2.5 distribution is available from the following
Patches against version 1.2.4 are available at:
Or, for quicker access, download from your nearest mirror:
MD5 sums for the packages are as follows:
The Horde Team.
More information about the announce