[SECURITY] Fedora 21 Update: zarafa-7.1.12-2.fc21
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jun 5 23:48:16 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-8487
2015-05-19 11:38:29
--------------------------------------------------------------------------------
Name : zarafa
Product : Fedora 21
Version : 7.1.12
Release : 2.fc21
URL : http://www.zarafa.com/
Summary : Open Source Edition of the Zarafa Collaboration Platform
Description :
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The
Open Source Collaboration provides an integration with your existing Linux
mail server, native mobile phone support by ActiveSync compatibility and a
webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an
IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open
Source Collaboration can combine the usability with the stability and the
flexibility of a Linux server.
The proven Zarafa groupware solution is using MAPI objects, provides a MAPI
client library as well as programming interfaces for C++, PHP and Python.
The other Zarafa related packages need to be installed to gain all features
and benefits of the Zarafa Collaboration Platform (ZCP).
--------------------------------------------------------------------------------
Update Information:
- Upgrade to 7.1.12 (re-released)
- Backported patch from Zarafa 7.2 to fix CVE-2015-3436
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 18 2015 Robert Scheck <robert at fedoraproject.org> 7.1.12-2
- Upgrade to 7.1.12 (re-released)
- Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151)
* Tue Apr 7 2015 Robert Scheck <robert at fedoraproject.org> 7.1.12-1
- Upgrade to 7.1.12
- Added multiple minor enhancement and bugfix patches
- Added patch to fix CVE-2014-0103 for PHP < 5.3 (#1073618)
- Handle "su" option in logrotate >= 3.8.0 to avoid errors
* Sat Oct 25 2014 Kevin Kofler <Kevin at tigcc.ticalc.org> 7.1.11-2
- Rebuild for reference-counting-enabled clucene09
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1222151
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update zarafa' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list