[horde] Any more updates for Horde 3.0.x?

Martin Lohmeier martin at mein-horde.de
Fri Mar 17 10:16:13 PST 2006


Greg Swallow - SkyNet wrote:
> Chuck Hagenbuch wrote:
> 
>>>Someone brought this to my attention -
>>>http://www.securityfocus.com/bid/17117/info - but I didn't see any
>>
>>mention
>>
>>>of it on this list.
>>
>>This is highly dependant on your PHP version as to whether or not it
>>is actually exploitable. While we did make sure that no matter what
>>Horde 3.1 is not exploitable, I never saw a working exploit on any of
>>my machines - it depends on there being bugs in *both* parse_url and
>>readfile.
> 
> 
> Looks like the go.php from Horde 3.1 could be used in Horde 3.0, would you
> agree?  We aren't quite ready to make the jump to 3.1.
> 
> Greg
> 

Hi Greg,

just give 3.1 a go. Update is very simple and took me less then an hour
for horde and 6 apps.

Just put the new files on the webserver, copy your configuration and
preferences (some preferences and configurations changes, so check
them). Run the scripts in scripts/upgrades (I think it's only the part
that moves history out of datatree) and thats it.

For me 3.1 looks faster...

bye, Martin

-- 

Powered by Debian GNU / Linux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.horde.org/archives/horde/attachments/20060317/44171f70/signature-0001.bin


More information about the horde mailing list