==================================================================== CERT-Renater Note d'Information No. 2012/VULN239 ____________________________________________________________________ DATE : 31/05/2012 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Horde Groupware Webmail Edition version prior to 4.0.8, Horde Groupware version prior to 4.0.8. ====================================================================== http://lists.horde.org/archives/announce/2012/000773.html http://lists.horde.org/archives/announce/2012/000772.html ______________________________________________________________________ The Horde Team is pleased to announce the final release of the Horde Groupware Webmail Edition version 4.0.8. Horde Groupware Webmail Edition is a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages with four different webmail interfaces and manage and share calendars, contacts, tasks and notes with the standards compliant components from the Horde Project. For upgrading instructions, please see http://www.horde.org/apps/webmail/docs/UPGRADING For detailed installation and configuration instructions, please see http://www.horde.org/apps/webmail/docs/INSTALL The major changes compared to the Horde Groupware Webmail Edition version 4.0.7 are: General changes: * Updated Czech, Hungarian, Italian, Slovak, and Swedish translations. * Small bugfixes and improvements. Mail changes: * Fixed XSS vulnerabilities. * Fixed regression in PGP support. * Improved HTML editor support. Filters changes: * Fixed folder names in Procmail rules if using Maildir. Calendar changes: * Fixed XSS vulnerabilities in tasks and search views. The full list of changes can be viewed here: https://github.com/horde/horde/blob/d5ab4aa1734f63c7a27b3b91c8895d55d793200f/bundles/webmail/docs/CHANGES Have fun! The Horde Team. _____________________________________________________________________ The Horde Team is pleased to announce the final release of the Horde Groupware version 4.0.8. Horde Groupware is a free, enterprise ready, browser based collaboration suite. Users can manage and share calendars, contacts, tasks and notes with the standards compliant components from the Horde Project. For upgrading instructions, please see http://www.horde.org/apps/groupware/docs/UPGRADING For detailed installation and configuration instructions, please see http://www.horde.org/apps/groupware/docs/INSTALL The major changes compared to the Horde Groupware version 4.0.7 are: General changes: * Updated Czech, Hungarian, Italian, Slovak, and Swedish translations. * Small bugfixes and improvements. Calendar changes: * Fixed XSS vulnerabilities in tasks and search views. The full list of changes can be viewed here: https://github.com/horde/horde/blob/9970341aa6f2c1948ced0c1dd0726cf7dc67ddba/bundles/groupware/docs/CHANGES Have fun! The Horde Team. ====================================================================== ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================