All releases tagged Minor security fixes
Release Notes: XSS vulnerabilities were fixed. All of a user's address books are now removed when removing users. Deletion of notepads when deleting a user was fixed. The French, Swedish, and Turkish translations were updated. There were further bugfixes and improvements.
Release Notes: This release fixes XSS vulnerabilities. It has updated Czech, Hungarian, Italian, Slovak, and Swedish translations. There are small bugfixes and improvements.
Release Notes: This release fixes an XSS vulnerability (CVE-2012-0909), adds support for resetting passwords in LDAP, and fixes compatibility with Firefox 10.
Release Notes: An XSS vulnerability has been fixed. Protection against CSRF attacks has been added to the preference forms. Other minor bugfixes and improvements have been made. Estonian and French translations have been updated.
Release Notes: An XSS vulnerability in the administration interface has been fixed. Synchronization and Oracle and MS SQL compatibility have been improved. Some issues with Mac browsers and Internet Explorer have been fixed. A preference for the name format for when sorting contacts, and support for some proprietary vCard fields has been added. Some edge cases of weekly recurrences and editing URLs of remote calendars have been fixed. Some speed improvements have been made in the calendar. Importing task due dates has been fixed. A Croatian translation has been added.
Release Notes: This is a security release that fixes a vulnerability that allows overwriting of local files and two XSS vulnerabilities.
Release Notes: This is a security release that fixes unescaped output in the tag cloud block and closes a potential local file inclusion vulnerability. In addition, this release fixes the SQL share driver with PostgreSQL, and adds support for Mozilla Sunbird snooze properties.
Release Notes: This is a security release that fixes unescaped output in the tag cloud block and closes a potential local file inclusion vulnerability.
Release Notes: This release adds another check to the (unused) XSS filter for an Internet Explorer exploit, and fixes unescaped output in a utility test script. Holidays support, upgrading of configuration files, and database generation on PostgreSQL have been fixed too. In addition, there are import scripts for SquirrelMail preferences and contacts, several Kolab issues have been fixed, and access keys have been made consistent across browsers. Sharing when using LDAP-backed groups has been fixed, several SyncML bugs have been fixed, and prototype.js was upgraded to 1.6.0.3.
Release Notes: This release adds another check to the (unused) XSS filter for an Internet Explorer exploit, and fixes unescaped output in a utility test script. Holidays support, upgrading of configuration files, and database generation on PostgreSQL have been fixed too.
