[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Phpgroupware-users] phpGroupWare Security and Bug Fix Releas

From: Dave Hall
Subject: [Phpgroupware-users] phpGroupWare Security and Bug Fix Release is out
Date: Thu, 31 Aug 2006 22:24:15 +1000

Hi all,

A security vulnerability has been discovered in phpGW <  We
were not given a heads up before it was published. 

The exploit is in the holiday code in calendar.  It can only be
exploited with register_globals = on and gpc_magic_quotes = off.

The advisory can be found at

There is code which exploits the vulnerability in the wild - see

All users are strongly encouraged to upgrade immediately.

You can grab the new version from -

Or update from cvs
$ cd /path/to/phpgroupware
$ cvs update -dP

In addition to the security issue above, this release fixes support for
MySQL4.1+ and pgsql 8.  Support for php5 has been improved too, php5
should now work with zend.ze1_compatibility_mode on

When grabbing your update, check out the conference - :)


Dave Hall (aka skwashd)
API Coordinator
| e address@hidden          | w            |
| j address@hidden                 | aim skwashd                   |
| icq 278064022                       | msn address@hidden       |
| sip address@hidden       | y! skwashd                    |

reply via email to

[Prev in Thread] Current Thread [Next in Thread]