8259494 2002-04-06 09:02 -0600  /34 rader/ Brent J. Nordquist <bjn@horde.org>
Sänt av: joel@lysator.liu.se
Importerad: 2002-04-08  19:30  av Brevbäraren
Extern mottagare: announce@lists.horde.org
Extern mottagare: imp@lists.horde.org
Extern kopiemottagare: bugtraq@securityfocus.com
Extern kopiemottagare: lwn@lwn.net
Externa svar till: bjn@horde.org
Mottagare: Bugtraq (import) <21764>
Ärende: IMP 2.2.8 (SECURITY) released
------------------------------------------------------------
From: "Brent J. Nordquist" <bjn@horde.org>
To: announce@lists.horde.org, <imp@lists.horde.org>
Cc: bugtraq@securityfocus.com, <lwn@lwn.net>
Message-ID: <Pine.LNX.4.44.0204060859050.13490-100000@kepler.acns.bethel.edu>

The Horde team announces the availability of IMP 2.2.8, which
prevents some potential cross-site scripting (CSS) attacks.  Site
administrators should consider upgrading to IMP 3 (our first
recommendation), but if this is not possible, IMP 2.2.8 should be
used to prevent these potential attacks.

The Horde Project would like to thank Nuno Loureiro <nuno@eth.pt>
for discovering this problem and providing a very thorough analysis.

This release also has an update for Informix.

Download:

This release can be downloaded from the following locations:

	ftp://ftp.horde.org/pub/horde/
	ftp://ftp.horde.org/pub/imp/

MD5 checksums:

96ae6dcf03cab2637c14c13d556049e0  horde-1.2.8.tar.gz
9f0e442f61ce542b945016bee2736d2f  imp-2.2.8.tar.gz
daa3f4f3821036d7ef47205dc2c7922c  patch-horde-1.2.7-1.2.8.gz
f3ee21b6b5e40516d46cef955f29e034  patch-imp-2.2.7-2.2.8.gz

-- 
Brent J. Nordquist <bjn@horde.org> N0BJN / OPN: #horde
(8259494) /Brent J. Nordquist <bjn@horde.org>/(Ombruten)