Hi all,
This new release fixes several security issues within phpGroupWare. The
fixes include:
* Global anti-XSS changes, related to savannah bug #13863
* FUDForum Information Disclosure - CAN-2005-2600
* Disabled XMLRPC until more resources are available -
CAN-2005-2498
Disabling of XMLRPC is regrettable but unavoidable. phpGroupWare's
XMLRPC code is a bastardized version of phpxmlrpc. Our XMLRPC code is
currently unmaintained and we did not have the resources available to
merge and test the changes require. Instead of delaying the release any
more we chose to disable functionality. If you wish to contribute to
fixing our XMLRPC support please contact me directly.
As always grab it from our download section -
http://download.phpgroupware.org/now
Cheers
Dave
--
Dave Hall (aka skwashd)
API Coordinator
phpGroupWare
-------------------------------------------------------------------------
Do you think if Bill Gates got laid in high school, do you think there'd
be a Microsoft? Of course not.
Underwear Goes Inside The Pants by Lazy Boy
_______________________________________________
Phpgroupware-developers mailing list
Phpgroupware-developers@gnu.org
http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
