[Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release

phpgroupware-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release

From:	Dave Hall
Subject:	[Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release
Date:	Thu, 25 Aug 2005 02:28:23 +1000

Hi all,

This new release fixes several security issues within phpGroupWare. The
fixes include:

      * Global anti-XSS changes, related to savannah bug #13863
      * FUDForum Information Disclosure - CAN-2005-2600
      * Disabled XMLRPC until more resources are available -
        CAN-2005-2498

Disabling of XMLRPC is regrettable but unavoidable. phpGroupWare's
XMLRPC code is a bastardized version of phpxmlrpc. Our XMLRPC code is
currently unmaintained and we did not have the resources available to
merge and test the changes require. Instead of delaying the release any
more we chose to disable functionality. If you wish to contribute to
fixing our XMLRPC support please contact me directly.

As always grab it from our download section -
http://download.phpgroupware.org/now

Cheers

Dave
-- 
Dave Hall (aka skwashd)
API Coordinator
phpGroupWare
-------------------------------------------------------------------------
Do you think if Bill Gates got laid in high school, do you think there'd 
be a Microsoft?  Of course not.
Underwear Goes Inside The Pants by Lazy Boy

[Prev in Thread]

Current Thread

[Next in Thread]

[Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release, Dave Hall <=
- Re: [Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release, Chris Weiss, 2005/08/24

Prev by Date: Re: [Phpgroupware-users] addressbook, phpgw_contact_note ?
Next by Date: Re: [Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release
Previous by thread: Re: [Phpgroupware-users] addressbook, phpgw_contact_note ?
Next by thread: Re: [Phpgroupware-users] phpGroupWare 0.9.16.007 Security Fix Release
Index(es):
- Date
- Thread