[announce] [SECURITY] Gollem H5 (3.0.12) (final)
Jan Schneider
jan at horde.org
Thu Sep 21 12:16:52 UTC 2017
The Horde Team is pleased to announce the final release of the Gollem File
Manager version H5 (3.0.12).
Gollem is a web-based file manager, providing the ability to fully manage a
hierarchical file system stored in a variety of backends such as a SQL
database, as part of a real filesystem, or on FTP, Samba or SSH servers. For
more information on Gollem, visit http://www.horde.org/apps/gollem.
For upgrading instructions, please see
http://www.horde.org/apps/gollem/docs/UPGRADING
For detailed installation and configuration instructions, please see
http://www.horde.org/apps/gollem/docs/INSTALL
Thanks to Tim O'Driscoll <tim.odriscoll at lambrookschool.co.uk> for
reporting the
missing authorization check for file downloads on backends that don't require
implicit authentication.
The major changes compared to Gollem version H5 (3.0.11) are:
* Fixed unauthorized access to file downloads.
* Officially support PHP 7.
The full list of changes can be viewed here:
https://github.com/horde/horde/blob/4e8642d754cac676ac3b6949cd2d94ce751d82ad/gollem/docs/CHANGES
Have fun!
The Horde Team.
More information about the announce
mailing list