My activities New request

contact atmail support

PH: +61 (7) 5357-6605

support@atmail.com

Follow

Update 6.3.5

Stewart -

January 12, 2012

Hot on the heels of our last release comes Atmail 6.3.5. This is a security update which resolves various XSS and potential vulnerabilities.

Security Related Changes

  • Zend input filter now matches embedded objects within filter target
  • Added sanitizer to sieve filter functions to correct XSS potential in sieve
  • Fixed XSS potential in calendar events popup and associated backend data
  • Added input filtering to log search to correct vulnerability in index and range calculation
  • Added input filtering to admin user controller to correct various security issues in User Manager

Fixed

  • Corrected uninitialized array usage in dashboard controller during graph calculation
  • Corrected unhandled exception in logsearch when no index or duration specified
  • Corrected unhandled exception in user list for groups without users
  • Corrected unhandled exception on invalid data for view contact
Have more questions? Submit a request

Comments