[horde] Horde 3.3.6 (final)

lst_hoe02 at kwsoft.de lst_hoe02 at kwsoft.de
Wed Jan 13 10:40:43 UTC 2010


Zitat von Jan Schneider <jan at horde.org>:

> The Horde Team is pleased to announce the final release of the Horde
> Application Framework version 3.3.6.
>
> This is a bugfix release that also fixes an XSS vulnerability in the
> administration interface and improves the XSS filter to work around an XSS
> vulnerability in Firefox browsers.
>
> Thanks to Juan Galiana Lara and Daniel Fernández Bleda from  
> Internet Security
> Auditors for finding the XSS vulnerability in the administration interface.
>
> The Horde Application Framework is a modular, general-purpose web application
> framework written in PHP.  It provides an extensive array of classes that are
> targeted at the common problems and tasks involved in developing modern web
> applications.
>
> The major changes compared to Horde version 3.3.5 are:
>     * Fixed XSS vulnerability in administrator scripts.
>     * Improved XSS filter for HTML messages.
>     * Several synchronization improvements.
>     * Improved Oracle and MSSQL compatibility.
>     * Fixed access keys on Mac browsers.
>     * Fixed "white screen" issue with Internet Explorer.
>     * Added Croatian translation.
>     * Multiple other small bug fixes and improvements.

After update from 3.3.5 we have problems viewing S/MIME cert details.  
Instead of the details only "Die Zertifikatdetails konnten nicht  
ausgelesen werden" will be displayed. This worked fine with 3.3.5 and  
the config or server environment have not changed. Unfortunately i  
still have not found any related error in the logs...

Any comments

Regards

Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6397 bytes
Desc: S/MIME Signatur
URL: <http://lists.horde.org/archives/horde/attachments/20100113/45015383/attachment.bin>


More information about the horde mailing list