[horde] Horde 3.3.9 (final)
Jan Schneider
jan at horde.org
Tue Sep 28 15:33:15 UTC 2010
The Horde Team is pleased to announce the final release of the Horde
Application Framework version 3.3.9.
The Horde Application Framework is a modular, general-purpose web application
framework written in PHP. It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
applications.
Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability.
Thanks to Secunia for releasing an advisory for the new CSRF protection in the
preference interface http://secunia.com/advisories/39860.
The major changes compared to Horde version 3.3.8 are:
* Fixed XSS vulnerability in util/icon_browser.php.
* Protected preference forms against CSRF attacks.
* Minor bug fixes and improvements.
* Updated Estonian translation.
The full list of changes (from version 3.3.8) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?rt=horde&r1=1.515.2.607&r2=1.515.2.620&ty=h
The Horde 3.3.9 distribution is available from the following locations:
ftp://ftp.horde.org/pub/horde/horde-3.3.9.tar.gz
http://ftp.horde.org/pub/horde/horde-3.3.9.tar.gz
Patches against version 3.3.8 are available at:
ftp://ftp.horde.org/pub/horde/patches/patch-horde-3.3.8-3.3.9.gz
http://ftp.horde.org/pub/horde/patches/patch-horde-3.3.8-3.3.9.gz
NOTE: Patches do not contain differences between files containing binary data.
These files will need to be updated via the distribution files:
locale/et_EE/LC_MESSAGES/horde.mo
locale/nl_NL/LC_MESSAGES/horde.mo
themes/hordeweb/graphics/horde-halfgear-ie.png
themes/hordeweb/graphics/horde-halfgear.png
Or, for quicker access, download from your nearest mirror:
http://www.horde.org/mirrors.php
MD5 sums for the packages are as follows:
3fa1a32c48db3f3d5195f52064c14499 horde-3.3.9.tar.gz
9b175a44f17be19c31ed14f857595bda patch-horde-3.3.8-3.3.9.gz
Have fun!
The Horde Team.
More information about the horde
mailing list