Updates Fix Horde Vulnerability
Security experts are advising users to update to the latest version of the Web-based Horde groupware, which was released just a few days ago.
The maintainers of the comprehensive groupware framework, Horde, published a whole list of new versions in the last few days. Due to bugs and vulnerabilities in older versions of horde, security experts now advise all users to opt for the upgrade.
According to an announcement by Secunia the following versions are affected: Horde 3.1.5, Mnemo 2.1.1, Nag 2.1.3, Kronolith 2.1.6, Turba 2.1.5, Horde Groupware Webmail Edition 1.0.3, and Horde Groupware 1.0.2, probably along with all older versions. The announcement suggests updating to the recently released versions Horde 3.1.6, Mnemo 2.1.2, Nag 2.1.4, Kronolith 2.1.7, Turba 2.1.6, Horde Groupware Webmail Edition 1.0.4 and Horde Groupware 1.0.3 vor.
Besides the core components, the Horde Groupware Framework Horde comprises numerous packages, such as the IMP Web mailer, the Ingo mail filter manager, the Turba contact manager, the Kronolith calendering application, and the tools Nag for task management, and Mnemo for notices. Horde is the Kolab project's web client, and thus the third reference client following Outlook and Kontact.