[horde] Horde 3.1.1 (final)

Jan Schneider jan at horde.org
Tue Mar 28 05:27:27 PST 2006


The Horde Team is releasing a critical security fix for the Horde Application
Framework versions 3.0 and above. Version 2.x and earlier releases are not
affected.

The Horde Application Framework is a modular, general-purpose web application
framework written in PHP.  It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
applications.

Major changes compared to Horde 3.1 are:
    * Security Fixes
      - Fix for remote code execution vulnerability in the help viewer,
        discovered by Jan Schneider from the Horde team.
    * Small bugfixes and improvements
      - Fixed export and synchronization of events across daylight saving time
        changes.
      - Improved mysql session handler.
      - Improved support for Internet Explorer 7 and Opera Mini browsers.
      - Fixed quota support for some VFS drivers.
      - Fixed menu wrapping with Kolab and Purple theme.

The full list of changes (from version 3.1) can be viewed here:

http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.222&r2=1.515.2.231&ty=h

The Horde 3.1.1 distribution is available from the following locations:

    ftp://ftp.horde.org/pub/horde/horde-3.1.1.tar.gz
    http://ftp.horde.org/pub/horde/horde-3.1.1.tar.gz

Patches against version 3.1 are available at:

    ftp://ftp.horde.org/pub/horde/patches/patch-horde-3.1-3.1.1.gz
    http://ftp.horde.org/pub/horde/patches/patch-horde-3.1-3.1.1.gz

Or, for quicker access, download from your nearest mirror:

    http://www.horde.org/mirrors.php

MD5 sums for the packages are as follows:

    MD5 (horde-3.1.1.tar.gz) = ef5001144b80422b71454d285056e90a
    MD5 (patch-horde-3.1-3.1.1.gz) = 69d1e51cbe3fa919d102f9a1ba2ebc47

Have fun!

The Horde Team.


More information about the horde mailing list