including XSS (prefs, MIME viewer) and preventing overwriting of webserver-
accessible files (image form fields, e.g. with Turba). For more information
see http://lists.horde.org/archives/announce/2009/000512.html.
Thanks Vijay Sankar, Michiel van Baak and Daniel Levai for testing/feedback.
Manager version H3 (2.1.2).
This is a bugfix release that also fixes privilege escalation in the Horde API
and missing ownership validation in the share management. All users are
encouraged to upgrade to this version.
The major changes compared to the Mnemo H3 (2.1.1) version are:
* Fixed privilege escalation in the Horde API.
* Fixed missing ownership validation on share changes.
* Updated Finnish, Japanese, Portuguese, Simplified Chinese, Spanish, and
Traditional Chinese translations.
* Small bug fixes and improvements.
The full list of changes (from version H3 (2.1.1)) can be viewed here:
http://cvs.horde.org/diff.php/mnemo/docs/CHANGES?r1=1.63.2.37&r2=1.63.2.38.2.3&ty=h
* Small bug fixes and improvements.
* Added Slovenian translation and updated Brazilian Portuguese, Dutch,
French, German, Greek, Italian, and Traditional Chinese translations.
The full list of changes (from version H3 (2.1)) can be viewed here:
http://cvs.horde.org/diff.php/mnemo/docs/CHANGES?r1=1.63.2.31&r2=1.63.2.37&ty=h
