[announce] [SECURITY] Mnemo H5 (4.2.3) (final)

Jan Schneider jan at horde.org
Wed Dec 3 16:35:26 UTC 2014

The Horde Team is pleased to announce the final release of the Mnemo Note
Manager version H5 (4.2.3).

The Mnemo Note Manager is the Horde notes/memos application. It allows  
users to
keep web-based notes and freeform text. Notes may be shared with other users
via shared notepads. It requires the Horde Application Framework and an SQL
database or Kolab server for backend storage. For more information on Mnemo,
visit http://www.horde.org/apps/mnemo.

For upgrading instructions, please see

For detailed installation and configuration instructions, please see

The major changes compared to the Mnemo version H5 (4.2.2) are:
     * Fixed permission check when editing notes. Mitigation: the  
attacker needs
       to know the note's (random) URL to exploit this flaw.
     * Small API improvement.

Thanks to Christopher Neuhaus for reporting the security issue.

The full list of changes can be viewed here:


Have fun!

The Horde Team.

More information about the announce mailing list