help centre
For more info visit status.atmail.com

How can we help?


Search our knowledge base for answers to
common questions and latest updates.



My activities New request

Follow

Update 6.3.5

Stewart -

January 12, 2012

Hot on the heels of our last release comes Atmail 6.3.5. This is a security update which resolves various XSS and potential vulnerabilities.

Security Related Changes

  • Zend input filter now matches embedded objects within filter target
  • Added sanitizer to sieve filter functions to correct XSS potential in sieve
  • Fixed XSS potential in calendar events popup and associated backend data
  • Added input filtering to log search to correct vulnerability in index and range calculation
  • Added input filtering to admin user controller to correct various security issues in User Manager

Fixed

  • Corrected uninitialized array usage in dashboard controller during graph calculation
  • Corrected unhandled exception in logsearch when no index or duration specified
  • Corrected unhandled exception in user list for groups without users
  • Corrected unhandled exception on invalid data for view contact
Have more questions? Submit a request

Comments


Contact our support team


+61 (7) 5357 6605       support@atmail.com