Hi all, All phpGroupWare versions earlier than 0.9.16.006 have an arbitrary code execution vulnerability, as outlined in the upstream annoucement - see CAN-2005-1921
The project considers the potential to exploit and impact this flaw to be. Latest version are available at http://download.phpgroupware.org/now CVS or a mirror. All users are encouraged to upgrade ASAP. Vendors wishing to patch packages, rather than release a full version, please contact me directly for the patch. Cheers Dave Hall (aka skwashd) on behalf of the The phpGroupWare Crew -- Dave Hall (aka skwashd) API Coordinator phpGroupWare ------------------------------------------------------------------------- Do you think if Bill Gates got laid in high school, do you think there'd be a Microsoft? Of course not. Underwear Goes Inside The Pants by Lazy Boy _______________________________________________ Phpgroupware-developers mailing list Phpgroupware-developers@gnu.org http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
