[announce] [SECURITY] Horde 5.2.8 (final)

Michael J Rubinsky mrubinsk at horde.org
Wed Oct 21 02:25:35 UTC 2015

The Horde Team is pleased to announce the final release of the Horde
Application Framework version 5.2.8.

The Horde Application Framework is a flexible, modular, general-purpose web
application framework written in PHP. It provides an extensive array of
components that are targeted at the common problems and tasks involved in
developing modern web applications. It is the basis for a large number of
production-level web applications, notably the Horde Groupware suites.  
For more
information on Horde or the Horde Groupware suites, visit  

For upgrading instructions, please see

For detailed installation and configuration instructions, please see

Thanks to  High-Tech Bridge Security Research <advisory at htbridge.ch> for
reporting the CSRF vulnerability.

The major changes compared to the Horde version 5.2.7 are:
     * Protect against CSRF attacks on various admin pages.
     * Configuration support for version 2 of WorldWeatherOnline's API
     * Small bugfixes and improvements.

The full list of changes can be viewed here:


Have fun!

The Horde Team.

More information about the announce mailing list