All releases of EGroupware
Release Notes: There is a security fix for an XSS vulnerability; it is recommended to update ASAP. It is required to visit setup for schema updates. More secure password hashing types: sha512_crypt and sha256_crypt. Enables automatic migration to sha512_crypt. Session listing without the need for a listable (less secure) session directory. Numerous CalDAV and CardDAV fixes (this release is far more standards compliant than 1.8.002). CalDAV/CardDAV is now recommended over SyncML, which will no longer be supported in the next major release. There are many bugfixes in all apps.
Release Notes: Full timezone support including recurring events, visualisation of participant status of events, an email three pane view with a folder tree in the side box, the ability to import from iCal and vCard, a print view and copying of InfoLogs, address book merge-print support for Microsoft and OpenOffice XML formats, and support for Joomla! 1.5 templates in SiteMgr, and a new default Web site, including a SiteMgr tutorial. There were many useful extensions and adaptations as well as bugfixes in all modules. A postinstall script from EPL was included.
Release Notes: The new release fixes two serious security problems and many bugs and implements SyncML 1.2. One security problem is a serious remote command execution hole that allows arbitrary commands to be run on the Web server by simply issuing a HTTP request. The other is a reflected cross-site scripting (XSS) flaw. Both do not require a valid EGroupware account and work without being logged in. The older branches have also been fixed in SVN. It is recommended that all users update as soon as possible.
Release Notes: This release fixes 3 security problems in FCKeditor (remote file upload), Tracker (an XSS problem), and Knowledgebase (an SQL injection). Everyone should update as soon as possible. HTML Purifier has been added as a preventive measure for FCKeditor content. There are many bugfixes since 1.6.001. There is CalDAV support for iPhone OS 3; see the test report.
Release Notes: A complete rewrite of file manager DMS by means of streamwrapper and WebDAV. ACL control on directories and files, which allows uploads of big files. Multiple mail accounts and many bugfixes. Tracker has an escalation matrix for tickets and automatic mail conversion. Calendar has improved functions for recurring events. Addressbook has appointment-view, custom fields, and distribution lists shown in contact view and list. The project manager has improved template functionality. A new default theme for 1.6. Massive bugfixes for SyncML. Many useful extensions and bugfixes in all modules.
Release Notes: Everyone should update as soon as possible. The update includes all previous 1.4 updates, and requires no schema update (if you upgrade within the 1.4 release). The fixed security problems are grave if you have directories writable by the Web server in your document root (in most Windows servers, the complete docroot is writable by default, but many Linux servers are also set up that way). Please note: as FCK contains many static Javascript and CSS files, you and your users might have to delete the browser cache after the update.
Release Notes: Some security problems have been fixed, and updating is recommended. There are also many other bugfixes. Please note that notification, importexport, and SyncML require PHP 5.1, while the rest of eGW 1.4 requires only php4.3.
Release Notes: An XSS problem that required a non-anonymous user account was fixed. It is recommended tat everyone update to this release as soon as possible. Many bugs were fixed.
Release Notes: The 1.4 release contains very many improvements over 1.2. To name a just a few, the addressbook was completely rewritten (adding Group-addressbooks, Organization-views, and improved LDAP support), a new tracker application was fully integrated, a new IMAP backend was added and many improvements were made for FMail, Gallery2 was ported to eGroupWare, and many improvements were made in nearly all applications.
Release Notes: This is a bugfix and maintenance release. All current users are recommended to update to it. The most important fix is PHP 5.2 compatibility. Because of a nasty bug in the PHP 5.2 mbstring extension, you have to additionally switch display_errors to Off to be able to work with eGroupWare when using multibyte charsets like UTF-8 (or in any case where you have mbstring.func_overload greater than zero). Otherwise you get tons of "empty haystack" warnings. Compatibility with the datetime class of PHP 5.2 was fixed. Various fixes were made in the calendar. PostgreSQL 8.1 compatibility was added.
