IMP 2.2.5 (SECURITY) released

Brent J. Nordquist bjn@horde.org
Tue, 22 May 2001 09:17:31 -0500 (CDT)


The Horde team announces the availability of IMP 2.2.5, a.k.a. the
"put 2.2.x to bed" release.  Just as the release was going to press,
some potential security concerns relating to attachment temporary files
(and /tmp races) were raised; 2.2.5 addresses these concerns.

This release consolidates several fixes that have been languishing
in CVS (browser detection for IE6, a new locale/se translation (and
locale/da for Horde), fixes for LDAP searching) plus a back-port of the
href="javascript:" IE SSL fix from the 2.3.x branch.  For a complete
list of changes in this release, please consult the docs/CHANGES files.

It's the team's hope that 2.2.5 will be the last release in the 2.2.x
series (barring major security fixes).

Download:

This release can be downloaded from the following locations:

	ftp://ftp.horde.org/pub/horde/
	ftp://ftp.horde.org/pub/imp/

MD5 checksums:

4befa6883ececf6d9a416dee01d81c44  horde-1.2.5.tar.gz
77d82d8fe50383bb3752aa489eba4292  imp-2.2.5.tar.gz
64b00a2e30071393202c7cc02e9d82c4  patch-horde-1.2.4-1.2.5.gz
22f65d72fb864afb062e998c7af2eba4  patch-imp-2.2.4-2.2.5.gz

-- 
Brent J. Nordquist <bjn@horde.org> N0BJN
Yahoo!: Brent_Nordquist / AIM: BrentJNordquist / ICQ: 76158942