[announce] Horde 3.3.9 (final)
jan at horde.org
Tue Sep 28 15:33:15 UTC 2010
The Horde Team is pleased to announce the final release of the Horde
Application Framework version 3.3.9.
The Horde Application Framework is a modular, general-purpose web application
framework written in PHP. It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability.
Thanks to Secunia for releasing an advisory for the new CSRF protection in the
preference interface http://secunia.com/advisories/39860.
The major changes compared to Horde version 3.3.8 are:
* Fixed XSS vulnerability in util/icon_browser.php.
* Protected preference forms against CSRF attacks.
* Minor bug fixes and improvements.
* Updated Estonian translation.
The full list of changes (from version 3.3.8) can be viewed here:
The Horde 3.3.9 distribution is available from the following locations:
Patches against version 3.3.8 are available at:
NOTE: Patches do not contain differences between files containing binary data.
These files will need to be updated via the distribution files:
Or, for quicker access, download from your nearest mirror:
MD5 sums for the packages are as follows:
The Horde Team.
More information about the announce