Projects / Horde Application Framework / Releases / Minor security fixes

RSS All releases tagged Minor security fixes

  •  10 Sep 2008 12:03

Release Notes: This release improves the XSS filter.

  •  13 Jun 2008 23:18

Release Notes: This release fixes unescaped output only exploitable by authenticated users. It also includes a number of bugfixes since Horde 3.2.1, including fixes for Cache drivers, SQL shares, Preferences, and more. Finally, it includes some new Kolab Group and Preferences drivers.

  •  13 Jun 2008 23:17

Release Notes: This release fixes unescaped output only exploitable by authenticated users, and fixes handling of large amounts of text in filters with PHP 5.2+.

  •  07 Mar 2008 16:22

Release Notes: An arbitrary file inclusion vulnerability, through abuse of the theme preference, has been fixed.

  •  22 Jan 2008 13:32

Release Notes: A privilege escalation in the Horde API has been fixed. The XSS filtering has been improved. Compatibility between newer themes and older applications has been improved. The SOAP and JSON-RPC interfaces have been improved. Creation of sub-groups and localization of the WYSIWYG editor have been fixed. Many further bugfixes and improvements have been made.

  •  09 Jan 2008 16:43

Release Notes: A privilege escalation in the Horde API has been fixed. The XSS filtering has been improved. Locked portal blocks have been fixed. The webroot detection has been improved further. The Japanese translation has been updated.

  •  14 Mar 2007 15:53

Release Notes: A local arbitrary file deletion vulnerability has been fixed. The Oracle session handler has been rewritten. vTimezone support for iCalendar data and ORG support for vCard data have been added. Samba and Cyrus SQL authentication drivers, automatic Web root detection, signature dimming, and compatibility of generated ZIP files have been improved. Validation of some email distribution lists has been fixed. Many small fixes and improvements have been made. Brazilian Portuguese, Catalan, Dutch, French, German, Portuguese, and Traditional Chinese translations have been updated.

  •  17 Aug 2006 08:15

Release Notes: This is a bugfix release that also fixes a cross site scripting vulnerability and improves protection against phishing attempts. Kolab group ACL support has been added, import of date and time fields has been improved, and synchronization support has been fixed. Catalan, German, and Slovenian translations have been updated.

  •  17 Aug 2006 08:15

Release Notes: This is a security release that fixes a cross site scripting vulnerability and improves protection against phishing attempts.

  •  05 Jul 2006 11:05

Release Notes: This is a security release that fixes cross site scripting vulnerabilities in three places and removes some unused proxy code. A configuration option to disable GET-based sessions has been added. Oracle and generic SQL upgrade scripts have been added. The default charset support, the API, and the RPC interface have been improved. The preference cache has been fixed.

Screenshot

Project Spotlight

xmlJ

A Java XML editor.

Screenshot

Project Spotlight

GNUnet

A framework for secure peer-to-peer networking.