EGroupware SECURITY and bugfix release 1.8.006

classic Classic list List threaded Threaded
1 message Options
Ralf Becker Stylite AG Ralf Becker Stylite AG
Reply | Threaded
Open this post in threaded view

EGroupware SECURITY and bugfix release 1.8.006

This release contains security fixes for:

a) arbitrary file overwrite (with rights of webserver user on server)
b) remote code execution (on client/browser)

It is recommended to update ASAP!

Thanks to Pedro Ribeiro <[hidden email]> of Agile Information Security
for discovering and reporting the problem to us.

Please see changelog for other fixes contained in this release:

Thanks to everyone who helped with this release.

Some news about upcomming new release 14.1:

- Stylite AG's internal EGroupware is updated to 14.1 and we do all our
internal work with it since 3 weeks
- publishing of a public demo will happen withing next days
- next milestones are:
  + public trials and hosting in Stylite cloud
  + release for local installation

Ralf Becker
Director Software Development

Stylite AG

Morschheimer Strasse 15 | Tel. +49 6352 70629 0
D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30

Email: [hidden email] |

Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller
Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer

VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany

Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
eGroupWare-announcement mailing list
[hidden email]