[horde] [dev] Horde Vulnerability Issue

Michael Menge michael.menge at zdv.uni-tuebingen.de
Mon Jul 4 11:37:04 UTC 2022


Dear Kambey

Quoting "Kambey L. Kisambu" <kambeylk at gmail.com>:

> Hello team,
> Good Morning.
> I'm asking regarding the recent vulnerability discovered in Horde if there
> is a patch in place. Link
> https://www.securityweek.com/unpatched-vulnerability-exposes-horde-webmail-servers-attacks


the vulnerability has been fixed in Turba 4.2.26. Versions 4.2.27-29 fixed
some regressions related to the fix.
https://lists.horde.org/archives/announce/2022/001301.html
https://lists.horde.org/archives/announce/2022/001302.html
https://lists.horde.org/archives/announce/2022/001303.html
https://lists.horde.org/archives/announce/2022/001304.html

>
>
> Also regarding Horde end of life if there is a plan of a new version or
> alternative webmail for Horde.
>

AFAIK there is no end of life announced for horde jet,
a new version (Horde 6) is in development but no ETA given.


> Thanks and Regards,
> Kambey
>


--------------------------------------------------------------------------------
Michael Menge                          Tel.: (49) 7071 / 29-70316
Universität Tübingen                   Fax.: (49) 7071 / 29-5912
Zentrum für Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
Wächterstraße 76
72074 Tübingen



More information about the horde mailing list