Projects / Horde Groupware Webmail Edi... / Releases / Minor security fixes

RSS All releases tagged Minor security fixes

Release Notes: This release fixes XSS and CSRF vulnerabilities, adds a commandline script to delete user data, fixes some issues with recurring events, fixes editing tasks via CalDAV, and adds other bugfixes and improvements.

Release Notes: This release fixes several XSS vulnerabilities in the smartphone mode, improves the print layout, fixes resetting and changing passwords, fixes importing of events with unknown timezone identifiers, only returns completed tasks up to a week old as cost objects, fixes several bugs with recurring tasks and synchronizing tasks, updates the Basque and Ukrainian translations, and adds small bugfixes and improvements. It fixes renaming mailboxes in the dynamic view, fixes verifying signed and encrypted PGP messages, and adds several fixes to the display of virtual folders in the tree view.

Release Notes: XSS vulnerabilities were fixed. The compose window is now closed after redirecting a message. The option to report messages as spam/ham through redirection was re-added. It is no longer possible to save filter rules without conditions. Reindexing of existing filter rules when deleting a rule was fixed. IMAP filtering was fixed. Folder names in Procmail rules if using Maildir were fixed. All of a user's address books are now removed when removing users. Notepad deletion was fixed. French, Swedish, and Turkish translations were updated. There were also further bugfixes and improvements.

Release Notes: This release fixes XSS vulnerabilities. It fixes a regression in PGP support. Improved HTML editor support. Updated Czech, Hungarian, Italian, Slovak, and Swedish translations. Small bugfixes and improvements.

Release Notes: This release fixes XSS vulnerabilities (CVE-2012-0791, CVE-2012-0909), adds support for resetting passwords in LDAP, and fixes compatibility with Firefox 10.

Release Notes: This release fixes XSS vulnerabilities, displays the event time in the dynamic calendar view if requested, improves vCard compatibility, updates the Japanese translation, and adds small bugfixes and improvements.

Release Notes: Three XSS vulnerabilities have been fixed. A protection against CSRF attacks has been added to the preference forms. Bugs in the IMAP and Procmail filter drivers have been fixed. Other minor bugfixes and improvements have been made. the Estonian, French, and Japanese translations have been updated.

Release Notes: An XSS vulnerability in the administration interface has been fixed. The XSS filter for HTML messages and synchronization has been improved. Some issues with certain browsers have been fixed. Reference headers are save now with drafts. A preference for the name format for when sorting contacts and support for some proprietary vCard fields have been added. The vacation rules for some drivers have been fixed or improved. Weekly recurrences and editing remote calendars have been fixed. Importing task due dates has been fixed. A Croatian translation has been added.

  •  14 Sep 2009 12:28

Release Notes: This is a security release that fixes a vulnerability that allows overwriting of local files and two XSS vulnerabilities.

  •  01 May 2009 17:50

Release Notes: Synchronization and LDAP configuration have been improved. An issue involving PGP public keys retrieved from the local address book has been fixed. A regression in 1.2.2 with certain actions, issues with POP3 and deleting messages and certain IMAP folder creation issues have been fixed. The dynamic interface works with IE 8. A script to import events from SquirrelMail calendars and an option to manually change attendee responses has been added. Holidays support has been improved. The estimated time has been added to the task list. A hook for altering the displayed task has been added.


Project Spotlight

Query Interface

A Wordpress plugin for running database queries in the admin panel.


Project Spotlight

HTML Forms generation and validation

A PHP class to dynamically generate and validate HTML forms.