Release Notes: This release contains important security fixes; please update ASAP. These include remote command execution for logged in users with administrative privileges, and cross-site request forgery allowing one to create new admin users or run the above commands.
Release Notes: There is a security fix for an XSS vulnerability; it is recommended to update ASAP. It is required to visit setup for schema updates. More secure password hashing types: sha512_crypt and sha256_crypt. Enables automatic migration to sha512_crypt. Session listing without the need for a listable (less secure) session directory. Numerous CalDAV and CardDAV fixes (this release is far more standards compliant than 1.8.002). CalDAV/CardDAV is now recommended over SyncML, which will no longer be supported in the next major release. There are many bugfixes in all apps.
Release Notes: Full timezone support including recurring events, visualisation of participant status of events, an email three pane view with a folder tree in the side box, the ability to import from iCal and vCard, a print view and copying of InfoLogs, address book merge-print support for Microsoft and OpenOffice XML formats, and support for Joomla! 1.5 templates in SiteMgr, and a new default Web site, including a SiteMgr tutorial. There were many useful extensions and adaptations as well as bugfixes in all modules. A postinstall script from EPL was included.
Release Notes: The new release fixes two serious security problems and many bugs and implements SyncML 1.2. One security problem is a serious remote command execution hole that allows arbitrary commands to be run on the Web server by simply issuing a HTTP request. The other is a reflected cross-site scripting (XSS) flaw. Both do not require a valid EGroupware account and work without being logged in. The older branches have also been fixed in SVN. It is recommended that all users update as soon as possible.
Release Notes: This release fixes 3 security problems in FCKeditor (remote file upload), Tracker (an XSS problem), and Knowledgebase (an SQL injection). Everyone should update as soon as possible. HTML Purifier has been added as a preventive measure for FCKeditor content. There are many bugfixes since 1.6.001. There is CalDAV support for iPhone OS 3; see the test report.
Release Notes: A complete rewrite of file manager DMS by means of streamwrapper and WebDAV. ACL control on directories and files, which allows uploads of big files. Multiple mail accounts and many bugfixes. Tracker has an escalation matrix for tickets and automatic mail conversion. Calendar has improved functions for recurring events. Addressbook has appointment-view, custom fields, and distribution lists shown in contact view and list. The project manager has improved template functionality. A new default theme for 1.6. Massive bugfixes for SyncML. Many useful extensions and bugfixes in all modules.
Release Notes: Some security problems have been fixed, and updating is recommended. There are also many other bugfixes. Please note that notification, importexport, and SyncML require PHP 5.1, while the rest of eGW 1.4 requires only php4.3.
Release Notes: An XSS problem that required a non-anonymous user account was fixed. It is recommended tat everyone update to this release as soon as possible. Many bugs were fixed.
Release Notes: The 1.4 release contains very many improvements over 1.2. To name a just a few, the addressbook was completely rewritten (adding Group-addressbooks, Organization-views, and improved LDAP support), a new tracker application was fully integrated, a new IMAP backend was added and many improvements were made for FMail, Gallery2 was ported to eGroupWare, and many improvements were made in nearly all applications.