You can subscribe to this list here.
2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(5) |
Oct
(3) |
Nov
(3) |
Dec
(1) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
(1) |
Feb
|
Mar
(5) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(2) |
Aug
(4) |
Sep
(1) |
Oct
|
Nov
(2) |
Dec
|
2005 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
(2) |
Oct
(1) |
Nov
(4) |
Dec
(1) |
2006 |
Jan
|
Feb
|
Mar
(3) |
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
2007 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
(2) |
Jun
(2) |
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
2008 |
Jan
|
Feb
|
Mar
(1) |
Apr
(2) |
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
|
Oct
(3) |
Nov
(4) |
Dec
|
2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2010 |
Jan
|
Feb
|
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
(1) |
2011 |
Jan
|
Feb
(1) |
Mar
|
Apr
(2) |
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
(1) |
Nov
(1) |
Dec
|
2012 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2014 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
(1) |
Jun
(1) |
Jul
(3) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
(1) |
2015 |
Jan
(2) |
Feb
(3) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(3) |
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Ralf B. <rb...@st...> - 2016-07-01 06:57:15
|
Dear community members, developers and EGroupware users, Stylite AG is happy to announce the immediate availability of final release 16.1. 16.1 contains many new features and improvements, just to name a few: * Calendar: complete rewrite of user interface for improved functionality, drag&drop, context menu * Mobile: new mobile phone and tablet user interface, offering compact display for mobile phones * Desktop: new brighter desktop template, lots of work on usability and look & feel * Mail/InfoLog: PGP end-to-end encryption using Mailvelope plugin (InfoLog requires EPL subscription) * eSync: update to Z-Push 2.3 fixing several Android problems and allow to sync with Outlook 2013/6 Recommended installation packages are available from our server:eGroupware repository on build.opensuse.org: https://software.opensuse.org/download.html?project=server%3AeGroupWare&package=egroupware-epl Release notes are available from https://github.com/EGroupware/egroupware/wiki/Release-notes-16.1 Please note: - if you are using eSync (Active Sync protocol) you need to remove and recreate accounts on your mobile device (CalDAV/CardDAV protocol is NOT affected)! - changed minimum requirement of PHP 5.4+, recommended 5.6 or 7.0. It means you need at least a Debian7, Ubuntu 14.04, RHEL 7 (6 with IUS repo) or openSUSE 13.1 or SLE 12. Recommendation is of course always to use a current distribution, e.g. Ubuntu 16.04 or RHEL/CentOS 7 with PHP 7. EGroupware sources are managed on Github since a couple of weeks: https://github.com/EGroupware/egroupware Above page also contains installation instructions for installation via git with myrepos tool and archives. Alternatively to a test installation of 16.1 on an own server, EGroupware is available as a trial service of the Stylite computing center. We´re looking forward to your feedback on our Facebook page: https://www.facebook.com/EGroupware We hope you enjoy using our new release :-) Ralf -- Ralf Becker Director Software Development Stylite AG Isaac-Fulda-Allee 9 | Tel. +49 6131 32702-0 D-55124 Mainz | Fax. +49 6131 32702-70 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 46224 Mainz Germany |
From: Ralf B. <rb...@st...> - 2016-06-28 15:28:59
|
Dear community members, developers and EGroupware users, Stylite AG is happy to announce the third and probably last 16.1 release candidate. It contains following changes and fixes to 16.1RC2: * eSync: several fixes to improve syncing with Outlook and avoid running out of memory * MySQL/Ubuntu 16.04: switch off sql_mode ONLY_FULL_GROUP_BY enabled in MySQL 5.7+ * Mobile: fix error popup when changing application on mobile device in minimal 16.1 install * eSync/Calendar: reading events in chunks of 100, to keep memory down for huge calendars * Mail: Fix mail unsubscribe does not refresh mail tree anymore * CalDAV/InfoLog: do not export stardate > duedate, as some clients (eg. CalDAV Sync for Android) have problems with it * eSync/InfoLog: do not export stardate > duedate, as it crashes Outlook * ImportExport: fix PHP Fatal in import wizard in minimal install * Projectmanager: booking new timesheets on project did not updated total in project sums It contains following changes and fixes to 16.1RC1: * eSync: YOU NEED TO RECREATE EXCHANGE ACCOUNTS ON YOUR DEVICES, Z-Push SQL state backend is used now * eSync: Z-Push 2.3 allows to sync Outlook 2013 & 2016 * Mail/Api: replace decrecated Mcrypt PHP extension with OpenSSL, use AES128 with pbkdf2 streching of passwords * PGP: renamed (hidden) backup-file in users home-directory to .PGP-Key-Backup * InfoLog: change description to longtext (4GB) to not overflow on long comments or PGP encrypted files * Addressbook/Mail: fix PHP Fatal error when clicking on "add new contact" icon in mail * Resources: fix PHP Fatal call to undefined method Api\Accounts::get_list() when editing ACL * Mail: fix PHP Fatal error when saving Sieve scripts * ImportExport: scheduled im/exports fail with PHP Fatal error * Filemanager/Projectmanager: fix broken layout when showing /apps/projectmanager eg. opening Filemanager from PM * Setup: some authtication types eg. Cas were not shown in setup * API: async service failed to run on a default install (no phpgwapi) * Admin: fix async service testjob to run on a default install (no phpgwapi) * Mail: fix PHP Fatal when switching identities 16.1 contains many new features and improvements, just to name a few: * Calendar: complete rewrite of user interface for improved functionality, drag&drop, context menu * Mobile: new mobile phone and tablet user interface, offering compact display for mobile phones * Desktop: new brighter desktop template, lots of work on usability and look & feel * Mail/InfoLog: PGP end-to-end encryption using Mailvelope plugin (InfoLog requires EPL subscription) * eSync: update to Z-Push 2.3 fixing several Android problems Please note, the changed minimum requirement of PHP 5.4+, recommended 5.6 or 7.0. It means you need at least a Debian7, Ubuntu 14.04, RHEL 7 (6 with IUS repo) or openSUSE 13.1 or SLE 12. Recommendation is of course always to use a current distribution, e.g. Ubuntu 16.04 or RHEL/CentOS 7 with PHP 7. Recommended installation packages are available in a separate server:eGroupware:trunk repository on build.opensuse.org: https://software.opensuse.org/download.html?project=server%3AeGroupWare%3Atrunk&package=egroupware-epl EGroupware sources are managed on Github since a couple of weeks: https://github.com/EGroupware/egroupware Above page also contains installation instructions for installation via git with myrepos tool and archives. Alternatively to a test installation of 16.1 on an own server, EGroupware is available as a trial service of the Stylite computing center. Please help testing the release candidate. We´re looking forward to your feedback on our Facebook page: https://www.facebook.com/EGroupware Final release is now planned for this Friday 1. July 2016. Happy testing Ralf -- Ralf Becker Director Software Development Stylite AG Isaac-Fulda-Allee 9 | Tel. +49 6131 32702-0 D-55124 Mainz | Fax. +49 6131 32702-70 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 46224 Mainz Germany |
From: Ralf B. <rb...@st...> - 2016-06-22 06:45:21
|
Dear community members, developers and EGroupware users, Stylite AG is happy to announce the second 16.1 release candidate. It contains following changes and fixes to 16.1RC1: * eSync: YOU NEED TO RECREATE EXCHANGE ACCOUNTS ON YOUR DEVICES, Z-Push SQL state backend is used now * eSync: Z-Push 2.3 allows to sync Outlook 2013 & 2016 * Mail/Api: replace decrecated Mcrypt PHP extension with OpenSSL, use AES128 with pbkdf2 streching of passwords * PGP: renamed (hidden) backup-file in users home-directory to .PGP-Key-Backup * InfoLog: change description to longtext (4GB) to not overflow on long comments or PGP encrypted files * Addressbook/Mail: fix PHP Fatal error when clicking on "add new contact" icon in mail * Resources: fix PHP Fatal call to undefined method Api\Accounts::get_list() when editing ACL * Mail: fix PHP Fatal error when saving Sieve scripts * ImportExport: scheduled im/exports fail with PHP Fatal error * Filemanager/Projectmanager: fix broken layout when showing /apps/projectmanager eg. opening Filemanager from PM * Setup: some authtication types eg. Cas were not shown in setup * API: async service failed to run on a default install (no phpgwapi) * Admin: fix async service testjob to run on a default install (no phpgwapi) * Mail: fix PHP Fatal when switching identities 16.1 contains many new features and improvements, just to name a few: * Calendar: complete rewrite of user interface for improved functionality, drag&drop, context menu * Mobile: new mobile phone and tablet user interface, offering compact display for mobile phones * Desktop: new brighter desktop template, lots of work on usability and look & feel * Mail/InfoLog: PGP end-to-end encryption using Mailvelope plugin (InfoLog requires EPL subscription) * eSync: update to Z-Push 2.3 fixing several Android problems Please note, the changed minimum requirement of PHP 5.4+, recommended 5.6 or 7.0. It means you need at least a Debian7, Ubuntu 14.04, RHEL 7 (6 with IUS repo) or openSUSE 13.1 or SLE 12. Recommendation is of course always to use a current distribution, e.g. Ubuntu 16.04 or RHEL/CentOS 7 with PHP 7. Recommended installation packages are available in a separate server:eGroupware:trunk repository on build.opensuse.org: https://software.opensuse.org/download.html?project=server%3AeGroupWare%3Atrunk&package=egroupware-epl EGroupware sources are managed on Github since a couple of weeks: https://github.com/EGroupware/egroupware Above page also contains installation instructions for installation via git with myrepos tool and archives. Alternatively to a test installation of 16.1 on an own server, EGroupware is available as a trial service of the Stylite computing center. Please help testing the release candidate. We´re looking forward to your feedback on our Facebook page: https://www.facebook.com/EGroupware Final release is currently planned for beginning of July 2016. Happy testing Ralf -- Ralf Becker Director Software Development Stylite AG Isaac-Fulda-Allee 9 | Tel. +49 6131 32702-0 D-55124 Mainz | Fax. +49 6131 32702-70 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 46224 Mainz Germany |
From: Ralf B. <rb...@st...> - 2016-06-06 15:28:48
|
Dear community members, developers and EGroupware users, Stylite AG is happy to announce the first 16.1 release candidate. 16.1 contains many new features and improvements, just to name a few: * Calendar: complete rewrite of user interface for improved functionality, drag&drop, context menu * Mobile: new mobile phone and tablet user interface, offering compact display for mobile phones * Desktop: new brighter desktop template, lots of work on usability and look & feel * Mail/InfoLog: PGP end-to-end encryption using Mailvelope plugin (InfoLog requires EPL subscription) * eSync: update to Z-Push 2.3 fixing several Android problems Please note, the changed minimum requirement of PHP 5.4+, recommended 5.6 or 7.0. It means you need at least a Debian7, Ubuntu 14.04, RHEL 7 (6 with IUS repo) or openSUSE 13.1 or SLE 12. Recommendation is of course always to use a current distribution, e.g. Ubuntu 16.04 or RHEL/CentOS 7 with PHP 7. Recommended installation packages are available in a separate server:eGroupware:trunk repository on build.opensuse.org: https://software.opensuse.org/download.html?project=server%3AeGroupWare%3Atrunk&package=egroupware-epl EGroupware sources are managed on Github since a couple of weeks: https://github.com/EGroupware/egroupware Above page also contains installation instructions for installation via git with myrepos tool and archives. Alternatively to a test installation of 16.1 on an own server, EGroupware will be available from Wednesday on as a trial service of the Stylite computing center. Please help testing the release candidate. We´re looking forward to your feedback on our Facebook page: https://www.facebook.com/EGroupware Final release is currently planned for beginning of July 2016. Happy testing :) Ralf -- Ralf Becker Director Software Development Stylite AG Isaac-Fulda-Allee 9 | Tel. +49 6131 32702-0 D-55124 Mainz | Fax. +49 6131 32702-70 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 46224 Mainz Germany |
From: Ralf B. <rb...@st...> - 2015-02-18 15:11:33
|
This release contains important security fixes. *It is recommended to update ASAP!* 1. Critical: Unauthenticated insecure PHP object deserialization allowing arbitrary code execution 2. High: Cross site scripting by circumventing content security policy 3. High: Unauthenticated local file access read and write under MS Windows *Older EGroupware releases are affected too:* * 14.1: please make the unproblematic update to 14.2.20150218 * EPL 11.1: you need to update to 11.1.20150218 * 1.8: you need to update to 1.8.007.20150218 or better direct to 14.2.20150218 Credits and thanks to Andreas Fischer and Lukas Reschke who found the issues and notified us. The release is also a regular maintenance release like we publishing it currently every ~2 weeks. It also contains many bug-fixes, specially compared with initial 14.2 release: http://www.egroupware.org/changelog Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2015-02-12 15:38:12
|
I'm happy to announce immediate availability of final version 14.2: http://www.egroupware.org/en/discover/blog-news/blog-entry/article/egroupware-142-provides-dropbox-alternative-easily-exchange-large-files-with-customers-and-projec.html It contains a couple of fixes to our last release candidate: * All apps: improved printing: CRM view and given number or rows * All apps: drag & drop files only worked on input nodes, eg. files draged in from desktop * Filemanager/Mail: fixed not created thumbnails for readable shares * ImportExport: links supposed to open in admin did not show admin sidebox with tree * ProjectManager: add new role with rights limited only to add timesheets * Home: fixed placing of portlets for FireFox and missing context menu after re-opening home tab Installation packages are available via OpenBuildService server:eGroupWare project, see our download page: http://www.egroupware.org/download Important notice: ---------------- - there will be no more 1.8 or 14.1 releases, please update to 14.2! - OpenBuidService repo for 14.2 changed back to server:eGroupWare - if you are already on that repo, (auto-)update will take you to 14.2 - if you used server:eGroupWare:trunk to update to a release candidate, you need to change repo back, as there will be no further updates! - 14.2 is only a single archive (no more -pear package)! Please give us your feedback or praise via our Facebook page: https://www.facebook.com/EGroupware Happy EGroupware-ing :-) Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2015-02-10 14:21:02
|
I'm happy to announce availability of administration basics tutorial: http://www.egroupware.org/discover/tutorials/egroupware.html and our last release candidate containing following fixes and improvements: * 3. release candidate for upcoming 14.2 release * All apps: Activate cross-browser autocomplete * All apps: printing of lists improved a lot, asks now how many lines to print * Backup: backing up bool columns now for all databases as 1 or 0, but understanding PostgreSQL "t" or "f" too * Mail: fix not working BCC addresses * Mail: fixed exception when opening vacation notice or sieve-rules for an account with a changed standard identity or later created account * InfoLog: allow type specific index templates (named infolog.index.rows.$type) * Calendar/CalDAV: fixed not synced recurrences, because invitation was to a group only or first recurrence was an exception * Calendar/CalDAV: fixed synced events still contained deleted exceptions * Calendar: fix not working tooltip (showing html tags) in year-view * Calendar: fixed deleting exceptions while editing a series * Knowledgebase: use activate_links to make sure links open in new windows * Admin: fix not working setting of ACL for account-selection "select-box with primary group and search", data from contains no selection * Admin: Fix edit groups dialog resize problem * Filemanager/Expose view: enhancements * Mail/IE: fixed compose popup did not open again after it was closed eg. mail was send * Mail/Sieve: check capability if VACATION is supported by SIEVE Server before trying to set an serverside vacation absent notice * Sieve: coping with a dbmail bug in some versions of the Server. Server using formal syntax being reserved for client->server communication Installation packages are available via OpenBuildService server:eGroupWare:trunk project, see our download page: http://www.egroupware.org/download Please help testing the release candidate and give us feedback via our Facebook page: https://www.facebook.com/EGroupware Happy testing :-) Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2015-01-30 15:26:00
|
We decided to take a little more time and an other release candidate before final release. Even as we do that for internal reasons, it gives you time for more testing and an other release candidate beginning of next week. There are two ways you can help testing the release: 1. create a trail (and optional upload your database) http://www.egroupware.org/discover/trial.html 2. update your own installation using current 2. RC or new 3. RC beginning of next week http://www.egroupware.org/products-and-prices/egroupware-community-edition.html All Stylite hosting customers are already using 14.2 since today. Eva finished a new tutorial "Administration basics", it's immediately available in German: http://www.egroupware.org/discover/tutorials/egroupware.html English version will arrive beginning of next week. Have a nice weekend Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2015-01-22 09:46:48
|
We decided to have an other final release candidate, because of many noteworthy improvements since first release candidate: * Filemanager: click on image opens expose view incl. gallery and slide-show * Filemanager: enhance sharing to keep session of already logged in user, when he clicks on a share * Mail/SMTP: fixed not working sending of mails, if secure connection setting was different from IMAP server "could not connect to SMTP server" * Mail/Sieve: fixed not running/set async vacation notice * Mail/Sieve: remove prefix (of mail-account) for sieve save into folder * All application: Fix unintentional dragging happens while user try to do scrolling over a dragging item in FF(e.g. scrolling over an scrollable infolog entry) * Backup: fixed broken backup of tables without an auto index * WebDAV: fixed not working range requests causing eg. direct playing of video files to fail * Calendar: speed improvements for huge calendar databases * Calendar/CalDAV/eSync: fixed not synced events constructed from exceptions * ProjectManager: fix SQL error "unknown column pe_* in order clause" * Setup: allow to use Composer (https://getcomposer.org/) to manager requirements (instead of PEAR) * no longer requiring php(5)-pear, but new egroupware-epl-vendor package containing all dependencies Last one is an important change, if you choose to install from archives: there is no longer a need to install PEAR and Horde packages we depend on! Installation packages are available via OpenBuildService server:eGroupWare:trunk project, see our download page: http://www.egroupware.org/download Please help testing the release candidate and give us feedback via our Facebook page: https://www.facebook.com/EGroupware Release date has been moved by one week to January 29nd 2015. Happy testing :-) Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-12-10 17:20:19
|
I'm happy to announce the immediate availability of new 14.2 beta :-) 14.2 adds three - in our opinion - most wanted features:_ _ *1. Dropbox like sharing of files* EGroupware users often have the need to exchange files with people outside there own EGroupware. With file sharing we have now a simple solution exactly for that problem. Select one or more files or directories in Filemanager, right-click and choose *Mail files* as: - *Attachment* (old way, works reliably only for a couple of MB total file-size) - *Download link*: creates a copy of current version of files and mails a link allowing to download them - *Readable share*: mails a link allowing to download at that time current version of files - *Writable share*: mails a link allowing to download or update current version of files Last option is *only available in EPL subscription* together with an *optional expiration date or password*. The links require no further authentication, sharing your EGroupware credentials or create recipients as EGroupware users. That new facility can also be used from Mail compose to work around attachment size limitation imposed by mail servers. A list of shared files in Filemanager menu allows to delete a share and therefore renders a sharing link immediately unusable. 2. Home app is back in form of a customizable dashboard Dashboard was designed as a new form to organize your work: - have a couple of key customers to need to contact daily, just drag them to dashboard to always have them available - that calendar favorite showing the week of you and your co-worker, just add it to dashboard to have it always in view - same is true for all favorites they can be added by right click on dashboard: Add >> app-name >> Favorite >> select one - select a couple of entries from any app and drag them to dashboard - of cause you can also add a simple note / post-it to your dashboard - EGroupware news have been ported to eTemplate2 and are therefore available too 3. Tablet support for EGroupware EGroupware detects now tablets and other mobile devices and switched automatically to our new "mobile" theme. Mobile theme rearranges user interface for the small screen on your device. It also adds touch support to: - select or deselect rows via right or left swipe - tab (long click) opens context menu with all available options - menu can be hidden to maximize space available for your content (state is remembers on a per app basis) - rotating the device moves menu from left side for landscape to top for portrait orientation to make most of available space Edit dialogs and the like open full screen as you expect it from a mobile app. They always return to list they are opened from. Mobile theme keeps all client side data available when changing view, to minimize traffic with server, like Pixelegg or Stylite template does already. You can also select it explicit as theme for small screens. *14.2 beta is immediate available* from our download page, or as package for most Linux distributions: http://software.opensuse.org/download.html?project=server%3AeGroupWare%3Atrunk&package=egroupware-epl Have fun trying it out and tell us what you think about it through our Facebook page: https://www.facebook.com/EGroupware There will be a video showcasing the new features in the next days. Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-10-22 14:50:54
|
This release contains a security fix for a path traversal allowing to download arbitrary files from the server. It is recommended to update ASAP! (Older EGroupware releases 1.8.007 and 11.1 are not affected by above mentioned problem.) The release is also a regular maintenance release like we publishing it currently every ~2 weeks. So it contains many bug-fixes, specially compared with initial 14.1 release: http://www.egroupware.org/changelog Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-07-10 13:16:21
|
(Deutsche Übersetzung am Ende / German translation at the end) EGroupware 14.1 release is available immediately :-) A list of major new features is available for our new website: http://www.egroupware.org/discover/new-features-141.html The release is available from http://www.egroupware.org/download Detailed information about changes and fixed issues is available from http://www.egroupware.org/get-help/developers-logbooks/changelog.html Please read release notes before attempting to update to 14.1 http://community.egroupware.org/wiki/ReleaseNotes14.1 We are looking for translators as many app have changed. Translations status is available again http://community.egroupware.org/languages If you want to contribute translations to EGroupware most easy way is to get an account on our translation server https://translation.stylite.de/egroupware/ If you run into problems, please create a trial in our hosting: http://www.egroupware.org/trial test if problem still exists there and report it with the provided credentials at our bug-tracker: https://my.stylite.de/egw/ Many thanks everyone who made this huge effort possible and thanks to everyone for having patience with us while we've been working on it :-) Ralf - Deutsche Übersetzung / Germany translation --------------------------- EGroupware 14.1 Release ist ab sofort verfügbar, siehe unsere Pressemitteilung http://www.egroupware.org/de/entdecken/blog-news/blog-entry/article/pressemitteilung-egroupware-141.html Eine Liste der neuen Funktionen ist auf userer Website verfügbar http://www.egroupware.org/neue-funktionen-141 Das Release selbst kann hier herunter geladen werden http://www.egroupware.org/de/produkte-und-preise/egroupware-community-edition.html Detailierte Informationen über Änderungen und behobene Probleme gibt es hier: http://www.egroupware.org/get-help/developers-logbooks/changelog.html Bitte lesen Sie die "Release notes" bevor Sie auf 14.1 updaten http://community.egroupware.org/wiki/ReleaseNotes14.1 Bei Problemen / Fehlern bitte ein Trail in unserem Hosting erstellen http://www.egroupware.org/de/entdecken/testen.html testen ob das Problem dort (noch) existiert und es mit den erhaltenen Zugangsdaten auf unserem Helpdesk reporten: https://my.stylite.de/egw/ Vielen Dank an jeden der diese enorme Anstrengung möglich gemacht hat und auch danke an alle für ihre Geduld mit uns, während wir daran gearbeitet haben :-) Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-07-04 16:16:39
|
<html> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-15"> </head> <body bgcolor="#FFFFFF" text="#000000"> Let's start with the good news: (Deutsche Übersetzung am Ende)<br> <br> We just finished <b>EGroupware's new website</b> for 14.1 release:<br> <br> <a class="moz-txt-link-freetext" href="http://www.egroupware.org/">http://www.egroupware.org/</a><br> <br> Please check it out, share it with friends, like it on Facebook and let us know what you think :-)<br> <br> <b>14.1 is a huge step for EGroupware</b> and beside all usability improvements and features, we also changed what we <b>define as community edition</b> (CE):<br> <br> 1.8 was a copy of our 2009 subscription version EPL 9.2, that ensured there were many reasons to buy our subscription, which in turn is how whole EGroupware development is founded. <br> <br> But it also had a couple of drawbacks:<br> - bugfixes and necessary additions like support for new iPhone versions took a lot effort to backport and were therefore either delayed or sometimes not possible at all<br> - EGroupware popularity was decreasing as old community version looked quite old-fashioned and lacked features in comparison to alternatives<br> <br> With 14.1 we are going to change that and <b>c</b><b>ommunity edition will be same software version as our subscription</b> version EPL.<br> This does not mean all EPL features will become available in the community editions, many have, some have not. We still need to found constant development of EGroupware. Therefore we introduce an other differentiation between CE and EPL version: <br> <br> The new administration app in 14.1 will <b>no longer include managing of groups</b>! <br> <br> To elaborate a bit on that: all existing groups stay, but new installations come with only two groups, one for all users (Default) and one for administrations (Admins). Users can be added or remove from groups via user management and ACL or app run-rights can be changed via new ACL management.<br> <br> This is necessary to ensure a sustainable development of EGroupware, which is in everyones interest. <br> We will make EPL's <b>group management available</b><b> to our </b><b>longtime community users</b>, as they are important for us! <br> When you submit your next usage statistic, you will receive credentials to install it. <br> <br> Bad news is: developing our <b>beautiful new website</b> took a little longer and we need to send release announcement to press in advance. Therefore <b>final release date is move one last time to Thursday 10th July</b> next week.<br> <br> Keep on testing and translating 14.1 :-)<br> <br> Ralf<br> <br> - Deutsche Übersetzung / German translation --------------------------------------------------<br> <br> Ich fange mal mit der guten Nachricht an:<br> <br> Wir haben jetzt eine <b>neue </b><b>Webseite für das 14.1 Release</b>:<br> <br> <a class="moz-txt-link-freetext" href="http://www.egroupware.org/">http://www.egroupware.org/</a><br> <br> Bitte schaut sie an, teilt sie mit Freunden, "liked" sie auf Facebook und lasst uns wissen was Ihr davon haltet :-)<br> <br> <b>14.1 ist ein riesiger Schritt für EGroupware!</b> Neben allen Verbesserungen bei der Bedienerfreundlichkeit und neuen Features haben wir auch die <b>Definition der Community Edition geändert</b>:<br> <br> Die 1.8 war eine Kopie unserer kommerziellen 2009 Version EPL 9.2. Das stellte sicher, dass es viele Gründe gab unser kommerzielles Produkt zu abonnieren, wovon wiederum die Entwicklung der gesamten EGroupware finanziert wurde.<br> <br> Das brachte aber auch einige Nachteile mit sich:<br> - Fehlerbehebungen und notwendige Erweiterungen wie zum Beispiel die Unterstützung für eine neue iPhone Version waren sehr aufwändig und wurden daher entweder verzögert oder waren teilweise gar nicht möglich<br> - die Popularität von EGroupware ging zurück, da die alte Community Version ziemlich altmodisch wirkte und einige Feature fehlten, die es bei anderen Produkten inzwischen gab<br> <br> Mit der 14.1 werden wir das ändern und die <b>Community Edition CE wird den gleiche Softwarestand haben wie unser kommerzielles Produkt</b><b> EPL</b>. Das bedeutet allerdings nicht, dass alle Features der EPL Version in der Community Version verfügbar werden, manche werden es, andere nicht. Wir müssen allerdings weiterhin die fortlaufende Weiterentwicklung von EGroupware finanzieren. Daher werden wir eine weitere Unterscheidung von CE und EPL Version einführen:<br> <br> Die neue Administration in der 14.1 wir <b>keine Gruppenverwaltung mehr enthalten</b>!<br> <br> Um das ein bisschen zu erläutern: alle bestehenden Gruppen bleiben natürlich erhalten, neue Installationen kommen nur noch mit zwei Gruppen, eine für alle Benutzer (Default) und eine für Administratoren (Admins). Benutzer können in der Benutzerverwaltung zu Gruppen hinzugefügt bzw. entfernt werden und Zugriffs- oder Ausführungsrechte können im neuen Zugriffsmanagement geändert werden.<br> <br> Das ist notwendig um eine nachhaltige Weiterentwicklung von EGroupware sicher zu stellen, die in aller Interesse liegt.<br> Wir werden das <b>Gruppenmanagement der EPL den langjährigen Benutzer der Community zur Verfügung stellen</b>, da uns diese wichtig sind! Mit der Übermittlung der Benutzerstatistik erhalten diese Zugangsdaten zur Installation des Gruppenmanagements.<br> <br> Die schlechte Nachricht ist: die Entwicklung unseren <b>schönen neuen Webseite</b> hat etwas länger gedauert und wir müssen die Presseerklärung mit Vorlauf verschicken. Daher haben wir das <b>Releasedatum ein letztes Mal auf Donnerstag den 10. Juli nächste Woche verschoben</b>.<br> <br> Viel Spaß beim Testen der 14.1 :-)<br> <br> Ralf<br> <pre class="moz-signature" cols="72">-- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: <a class="moz-txt-link-abbreviated" href="mailto:rb...@st...">rb...@st...</a> <a class="moz-txt-link-abbreviated" href="http://www.stylite.de">www.stylite.de</a> | <a class="moz-txt-link-abbreviated" href="http://www.egroupware.org">www.egroupware.org</a> Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany </pre> </body> </html> |
From: Ralf B. <rb...@st...> - 2014-07-01 12:56:56
|
The release candidate is available from http://www.egroupware.org/download It fixes following major issues: - version numbers are now 14.1 - PostgreSQL installation and updates are working now - custom-fields are stored in an own table (no more limit how many you can have) - site configuration, categories, schema in backups and preferences use now JSON encoding (instead of PHP serialization) Currently open major issues: - package upgrade under Debian requires currently: aptitude update; aptitude install egroupware-epl; aptitude upgrade and then to go to EGroupware setup and run pending application updates. (Ubuntu and RPM packages work!) This is planned to be the only release candidate with a final release on Thursday 3. July 2014 :-) Release notes are currently worked on and will be available from http://community.egroupware.org/wiki/ReleaseNotes14.1 We are looking for translators as many app have changed. Translations status is available again http://community.egroupware.org/languages If you want to contribute translations to EGroupware most easy way is to get an account on our translation server https://translation.stylie.de/egw/ Please help testing with new installations and (test-)updates of your current data. If you run into problems, please create a trial in our hosting: http://www.egroupware.org/trial test if problem still exists there and report it with the provided credentials at our bug-tracker: https://my.stylite.de/egw/ Thanks to everyone helping with testing of the release Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-06-17 17:56:14
|
I'm happy to announce we are getting really close to a release now. We have new beta packages available from http://www.egroupware.org/download Last major issues: - PostgreSQL installation still failing - version number is not yet 14.1 (still 1.9.xxx) Current plan is to have a single release candidate beginning of next week, before final release shortly after. Please help testing with new installations and (test-)update of your current data. If you run into problems, please create a trial in our hosting: http://www.egroupware.org/trial test if problem still exists there and report it with the provided credentials at our bug-tracker: https://my.stylite.de/egw/ If you're interested in 14.1 background information, have a look at my recent blog posts http://www.egroupware.org/blog Thanks to everyone helping with testing of the release :-) Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-05-06 11:32:51
|
This release contains security fixes for: a) remote command execution (with rights of webserver user) for logged in users with administrative privileges b) cross site request forgery allowing to create new admin users or run above commands It is recommended to update ASAP! Thanks to High-Tech Bridge Security Research Lab for discovering and reporting above problems to us. See their advisory: https://www.htbridge.com/advisory/HTB23212 Please see change-log for other fixes contained in this release: http://www.egroupware.org/changelog Thanks to everyone who helped with this release. Problems are also fixed for EPL-11.1 (from 11.1.20140505 on) and current 14.1 beta (thought parts were already fixed with admin rewrite). Please participate in 14.1 beta to ensure your instance will update painless, when 14.1 got finally released. Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2014-02-19 08:52:41
|
This release contains security fixes for: a) arbitrary file overwrite (with rights of webserver user on server) b) remote code execution (on client/browser) It is recommended to update ASAP! Thanks to Pedro Ribeiro <pe...@gm...> of Agile Information Security for discovering and reporting the problem to us. Please see changelog for other fixes contained in this release: http://www.egroupware.org/changelog Thanks to everyone who helped with this release. Some news about upcomming new release 14.1: - Stylite AG's internal EGroupware is updated to 14.1 and we do all our internal work with it since 3 weeks - publishing of a public demo will happen withing next days - next milestones are: + public trials and hosting in Stylite cloud + release for local installation Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2013-10-01 16:39:01
|
This release contains a fix for a remove code execution vulnerability. It is recommended to update ASAP! Thanks to Marcel Mangold <mar...@sy...>, Pascal Uter <pas...@sy...> from SySS GmbH for discovering and reporting the problem to us. The new version contains 3 major parts: a) already mentioned fix for remove code execution vulnerability b) further security hardening of EGroupware as recommended by SySS GmbH: - using now httponly and secure cookies (secure only if https is used to login) - header.inc.php uses for new installations or on update now secure password hashes like they were used for accounts since some time now - setup uses now a session instead of storing credentials in a cookie - html downloads from Filemanager now either force a download or - if brower supports - use a content-security-policiy header to mitigate risk of session hijacking - blowfish_crypt is now marked as most secure hashing algorithmus for passwords and used by default on new installations c) regular bugfixes in all modules since 1.8.004 see http://www.egroupware.org/changelog Thanks to everyone who helped with this release. We are currently working on a new shared community and EPL release expected later this year. It will contain exicting new features, a complete new look and some previous EPL-only features will become available to the whole EGroupware comunity. Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2012-04-05 17:28:01
|
This release contains a fix for a XSS (cross-site-scripting) vulnerability, it is recommended to update ASAP! Thanks to Marcos M Garcia <marcositu-at-gmail.com> for discovering and reporting the problem to us. The release contains a couple of database schema updates, unlike regular minor version updates. Unfortunately this cant be helped for the intended fixes to work. SO YOU HAVE TO VISIT SETUP AND RUN THE OFFERED UPDATES! The new version contains 4 major parts: a) already mentioned fix for a XSS (cross-site-scripting) vulnerability b) backported security features from Trunk: - more secure password hashing types: sha512_crypt, sha256_crypt - enable automatic migration to sha512_crypt, if accounts in SQL or LDAP (but only on Linux, as OpenLDAP has not native support for it) - session listing without the need of a listable (less secure) session directory c) numerous CalDAV and CardDAV fixes (EGroupware 1.8.004 is now far more standard compliant then 1.8.002!) - show calendars and addressbooks selected to sync under user calendar- or addressbook-home-set allowing clients to automatic detect them - CalDAV scheduling support allows clients eg. to show free busy status of invited participants - client can choose the url for new events or contacts (standard requirement!) - allow clients to store attributes (eg. calendar colors) via PROPPATCH - store unknown attributes (eg. location based alarms) in custom fields in InfoLog - CardDAV works now with LDAP backend - ability to log and display CalDAV/CardDAV traffic without access to commandline of server --> CalDAV/CardDAV is now recommended over SyncML, which will be no longer supported in the next major release! d) many bugfixes in all modules since 1.8.002 see http://www.egroupware.org/changelog Thanks to everyone who helped testing this release. Ralf -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2011-11-11 18:33:42
|
Just released a new maintenance release for 1.8.002, fixing the bugs mentioned below: * SyncML: fix WBXML namespache issue (bug 3048) * eMail: bug regarding the mimetype of uploaded files; FF701 reports wrong mime type; work around this, by always checking mimetype by suffix * Calendar/sync: handle error regarding not getting an egw_time object but no exception is thrown; may be php 5.2.x related. * Filemanager/eTemplate: fix for MyStylite bug #2495: deleting files containing [ as first char deletes whole directory * GroupDAV/CalDAV/CardDAV: removed alternative approach from groupdav.htaccess, as it is not suffient for iOS 4.3+ iCal For Download instructions see www.egroupware.org/download Ralf -- Ralf Becker Director Software Development Stylite GmbH [open style of IT] Morschheimer Strasse 15 67292 Kirchheimbolanden fon +49 (0) 6352 70629-0 fax +49 (0) 6352 70629-30 mailto: rb...@st... www.stylite.de www.egroupware.org ________________________________________________ Geschäftsführer Andre Keller, Ralf Becker Registergericht Kaiserslautern HRB 30575 Umsatzsteuer-Id / VAT-Id: DE214280951 |
From: Ralf B. <rb...@st...> - 2011-10-11 14:43:43
|
Just released a new maintenance release for 1.8.002, fixing a lot of bugs mentioned below: * Calendar: not using freebusy rights for searching calendar, as it would allow to probe for event contents * tracker: mailhandling, fixing a problem with -> not correctly extracting mailadresses <- when adresses contained UpperCase Letters * email: fix for missing style color:red in notification messages * tracker: mailhandling - prevent to use rsh or ssh to establish connection * API: decodeMailHeader handle nested encoding for imap_mime_header_decode * API: take care of INNODB and STRICT_TRANS_TABLES for recent mysql installations * calendar/holidays: fix charset for japanese holidays * API: taking care of sorting AND filtering by customfields with names containing whitespace; (best way to deal with this issue, is not using whitespace in your customfield names at all) * sitemanager: fix PostgreSQL error reported on org-tracker (#2956) * WebDAV: fix for Netdrive to work correct with non-ascii chars like German umlauts * WebDAV: allow locking of not (yet) existing files to create them * Tracker: fixed not working file write rights for assignee * Filemanager: fixed not working rename of file, if path contains a # or ? * eMail/eMailAdmin: is_a compatibility vs. php5.3.8 resolving to instanceof operator * Filemanager/WebDAV: understand Windows7 modification time attribute and setting and returning is as vfs modification time * Addressbook/csv-import: fix/enable update of account - userdata when accounts are stored with ldap. If the condition is on account_id, we supplement the condition with owner=0 (this is needed to correctly determine the storage engine (ldap/sql) for accounts); we strongly recomment NOT to try to use this for adding accounts: use admin import definitions for that task * eMailAdmin: fix problem with UpperLowerCase User Names, use lower case usernames ONLY, when accessing / creating / updating mailboxes * SyncML: Fix WBXML encoding issue (community bug#3020 and SyncEvolution issue bug#2975) * API: is_a compatibility vs. php5.3.8 resolving to instanceof operator for most common basic classes * eMail/Sieve/Vacation: set default to 7 for days setting in vacation for new vacation setups * CalDAV/GroupDAV: return empty collection, as iCal under iOS 5 had problems with returning "404 Not found" status * Calendar: added windows timezones to all installations (was added in calendar update 1.7.005, but not to new installs) For Download instructions see www.egroupware.org/download Ralf -- Ralf Becker Director Software Development Stylite GmbH [open style of IT] Morschheimer Strasse 15 67292 Kirchheimbolanden fon +49 (0) 6352 70629-0 fax +49 (0) 6352 70629-30 mailto: rb...@st... www.stylite.de www.egroupware.org ________________________________________________ Geschäftsführer Andre Keller, Ralf Becker Registergericht Kaiserslautern HRB 30575 Umsatzsteuer-Id / VAT-Id: DE214280951 |
From: Ralf B. <rb...@st...> - 2011-08-05 15:18:53
|
Stylite EGroupware software news - information for administrators ----------------------------------------------------------------------------------- Security and bugfix update for the following EGroupware versions: 1. EGroupware Enterprise Line (EPL) 11.1 and 10.1 2. EGroupware Community Edition 1.8 ----------------------------------------------------------------------------------- Stylite recommends to update your EGroupware system urgently due to the included security fixes. ----------------------------------------------------------------------------------- The update packages contain in particular, besides plenty of bug fixes: 1. Fixes regarding security issues like 'local file inclusion', 'sql injection', 'reflected xss' and 'open redirect'. 2. CalDAV/CardDAV redirect for iOS 4.3.1+ regarding automatic account registration (manual modification of groupdav.htaccess and apache.conf may occur, in case of previous adjustments differing from standard installation routines). Further information about the package content: EGroupware EPL versions: http://www.egroupware.org/epl-changelog Community Edition: http://www.egroupware.org/changelog EPL customers using Stylite Managed EGroupware Hosting are unaffected. All Stylite computing center systems are operated on actual EGroupware software release level. Kind Regards Ralf ----------------------------------------------------------------------------------- Changelog: * Security issues fixed: local file inclusion, sql injection, refelected xss and open redirect --> we recommend to update ASAP * PostgreSQL/EMailAdmin: fixed not storable EMailAdmin profiles * Addressbook/LDAP: fixed lettersearch by backporting LDAP class from trunk * Setup: making SSHA (salted sha1) hashes the default password hash for SQL and LDAP * setup/login: fixed not working password (hash) migration * InfoLog: fixed not working link-search (Parameter 2 to infolog_bo::link_query() expected to be a reference) * Calendar/CalDAV: fixed SQL error on ctag generation, if no ACL rights for requested group calendar exists * Calendar/CalDAV: fixed wrong line-defolding, if folding occured in whitespace * Calendar/CalDAV: use X-EGROUPWARE-UID only, if it resolves to same email (otherwise we are in trouble if different EGw installs talk to each other) * Calendar: fixed not included organizer in meeting request * Calendar: fixed not working freetime search caused by not mbstring.func_overload supporting xajax libary * Manual: use https for accessing manual.egroupware.org to not get page contains unsave content warnings * IE9: enable IE dropdown menu hack only for IE<9, as it stalls IE9 www.stylite.de bug #1722 * workaround for Fennec bug https://bugzilla.mozilla.org/show_bug.cgi?format=multiple&id=648250 window.(outerHeight|outerWidth|screenX|screenY) throw exception * eMail: fixed bug for not getting multiple unnamed attachments, while saving a mail to infolog or tracker * eMail: improving of the fetching of cids; match cid to filename if the attempt to match the cid failed * eMail: match cid to filename if the attempt to match the cid failed -> extending the fetch attempt even for non cid attachments, when nothing is found within the previous loops * Admin/VFS/LDAP: on saving a group, check if group directory exists and create it if not * CalDAV/GroupDAV/KDE Akonadi seems to require redundant namespaces, see KDE bug #265096 https://bugs.kde.org/show_bug.cgi?id=265096 * eMail: regard addressbook preference to hide accounts or not in ajax search for emailadresses while composing messages * eMail: fix for displayed message body is null: if charset reported is reported not correctly, converting to utf-8 may not succeed as expected, leaving some non utf-8 chars which may lead to problems with json_encode; * Fix RRULE parser (UTC fix) - Bug#29...@eg... * Calendar: fixed not working accept/reject of invitations, if participant is in a group with only a freebusy grant * Generate well-formed XML for Funambol and SyncEvolution clients (community bug#2975) * Improved support for new SyncML clients/client versions * Calendar: fixed in readonly events custom fields were still editable * notification/email: support filter since (only check unseen mails for the last 14 days) when notify for unseen mails * CalDAV: user agent detection of OS X 10.7 Lion iCal app (CoreDav instead of DavKit) * CalDAV/CardDAV redirect for iOS 4.3.1+ to autodetect accounts * Calendar: show status set for the whole series at recurrences too, unless they have an individual status * Calendar: fixed typo in merge, denying implicit participants rights eg. required to accept a meeting * NTLM authentication: limit redirect, if NTLM auth could not be performed, to same domain, EGroupware domain, or explicitly whitelisted domains * Filemanager popup: fixed sometimes missing first directory, eg. in favorites * API fix PHP fatal error wakeup2 is no method ..., when comming from setup * API fix webserver_url of just a domain eg. http://domain.com gives PHP Warning empty delimiter ... * PEAR: automatic upgrade or install of required PEAR packages via package post_instal.php (only package installs!) -- Ralf Becker Director Software Development Stylite AG Morschheimer Strasse 15 | Tel. +49 6352 70629 0 D-67292 Kirchheimbolanden | Fax. +49 6352 70629 30 Email: rb...@st... www.stylite.de | www.egroupware.org Managing Directors: Andre Keller | Ralf Becker | Gudrun Mueller Chairman of the supervisory board: Prof. Dr. Birger Leon Kropshofer Commerzbank BLZ 55040022 | Account 218111300 IBAN DE33 5504 0022 0218 1113 00 | BIC COBADEFFXXX VAT DE214280951 | Registered HRB 31158 Kaiserslautern Germany |
From: Ralf B. <rb...@st...> - 2011-04-21 15:43:15
|
As an eastern present: new maintenance release for 1.8. It fixes a lot of PostgreSQL related bugs and some others: * Addressbook: lettersearch was not working for addressbooks in LDAP if PostgreSQL database was used (bug #2851) * Calendar: fixed not working "use event TZ" pref for iCal exports and allways use event TZ for calendar notifications (NOT use file export pref.) * SyncML/Calendar/PostgreSQL: fixed SQL error when searching participants (SELECT DISTINCT requires ORDER-BY-expressions to be in SELECT-list) * Wiki/PostgreSQL: fixed SQL error when viewing history (#2927), PostgreSQL needs mixed case names quoted * PostgreSQL: when importing/updating timezones, only query last insert id, if not already in database (gives warning for PostgreSQL) * Addressbook/PostgreSQL: lettersearch in organisation-view allways returned empty * Preferences: fixed not working setting of preferences without a logout * addressbook: enable advanced search for addressbook org view * eMail: fix for styliteTracker Bug#1471 (adding more than 4 lines of addresses to a mail in compose-dialog shrinks the address-area to a height of 0 with IE9) * eMail: make sure the quotaDisplay is refreshed on Message List refresh * Admin: fix for reported error regarding wrong count of lines in Admin -> view error log (note, not all errors are logged there, only some. Its only used for some error logging, most of error logging is done/directed to the webservers error log) * Addressbook/PostgreSQL: fixed SQL error when checking "use whole query" * SiteMgr: fixed detection of downloaded content, using Content-Type header now and adding style="white-space: pre-wrap; text-aling: left;" to pre-tag for textfiles * Preference: fixed PHP Fatal error: Cannot use string offset as an array on line 550, by importing preference class from trunk * PostgreSQL/Addressbook: fixed SQL error when listing account, groups or querying birthdays For Download instructions see www.egroupware.org/download Ralf -- Ralf Becker Director Software Development Stylite GmbH [open style of IT] Morschheimer Strasse 15 67292 Kirchheimbolanden fon +49 (0) 6352 70629-0 fax +49 (0) 6352 70629-30 mailto: rb...@st... www.stylite.de www.egroupware.org ________________________________________________ Geschäftsführer Andre Keller, Ralf Becker Registergericht Kaiserslautern HRB 30575 Umsatzsteuer-Id / VAT-Id: DE214280951 |
From: Ralf B. <rb...@st...> - 2011-04-09 19:58:22
|
Just released a new maintenance release for 1.8, fixing a lot of bugs mentioned below: * updated phpfreechat to version 1.3 to fix php 5.3 depricated warnings * correctly parsing of "time-range" REPORT filter, giving a SQL error before because it requires comparing as unix timestamp not strings * Gallery: ignoring ERROR_OBSOLETE_DATA in editAccount hook, as it seems to indecated no error, but nothing changed * removing memory limit from backup download, by switching off output buffering and zlib output compression * fixed handling of + char in VFS filenames (using egw_vfs::decodePath() instead of urldecode()) * ImportExport: fixed translation default value not working (eg. "1|>one||2|>two||other") * CalDAV/Lightning: fixed under some conditions infinit poping up alarms and user not able to add alarms * Calendar: fixed in some cases not updated alarms, if event got moved * LDAP addressbook filter for all addressbooks by "(objectclass=inetorgperson)" to not get eg. computer accounts from Samba * Calendar: no longer returning private events of other user while searching, as it can reveal private information * Wiki: fixed and documented wiki makros: PageSize, LinkTable, PageLinks, PageRefs, OrphanedPages, WantedPages and Transclude * Calendar: fixed SQL error on search: Argument of OR must be of type boolean, not of type smallint * Calendar: fixed PostgreSQL error on transfering records of a delted user to an other one * fixed not working scheduled import from vfs * SiteMgr: allow to import permissions from a previous exported dump (requires identical user and group names to exist) * wiki: fixed not working xml export using url http://example.org/egroupware/wiki/index.php?page=Pattern&action=xml&lang=en * updated .htaccess to memory_limit=256M * fixed not working async service test-job * exceptions in async jobs no longer stop other jobs, but log the exception to Apache error_log * Calendar: store async job of alarm with alarm owner as owner to get eg. the correct from address * ProjectManager: fixed storing a project with unchanged completion=0%, wrongly sets it to "none" * ProjectManager: fixed not show status bar in project, if no times set for elements * ProjectManager: fixed ganttchart generated twice (instead reading it from temp. dir) * ProjectManager: fixed not working switch from real to planned times of projects in ganttchart * ProjectManager: use calculated start time to calculate end-times, eg. InfoLog DS returned only planned end-times before * eMail: ask confirmation before deleting a folder in manage folders * Calendar: fixed not working "hideprivate" filter (shows own private events as private, not NOT showing them) * updated timezone database to version 1.2011b from current Lightning snapshot * API: upgrade to purifier Version 4.3.0 * give everyone implicit rights for home app, as taking them away makes to many support problems * WebDAV download: switching zlib.output_compression off for everything but text files * CalDAV: improved performance of ctag generation * Calendar/CalDAV: ctag got not updated when eg. a recurrence got deleted, causing CalDAV calendar to not automatic update * Setup: fixed not working deinstall of languages * Calendar/API: fixed not working dateformat d-M-Y with French language (Juin=Jun, Juillet=Jui) * check quantity of resource to book against maximum, as conflict check only fails if other events are involved * Calendar: fixed status of all recurrences get set to "unknown", if status of a single recurrence get changed (#2916) Attention Ubuntu 10.04 LTS users: -------------------------------- We build now the segmentation fault free Ubuntu 10.10 PHP 5.3.3 packages for 10.04. They are available via EGroupware software repository. If you already use EGroupware packages from there: aptitude update; aptitude upgrade should be all you need to do. For Downlaod instructions see www.egroupware.org/download Ralf -- Ralf Becker Director Software Development Stylite GmbH [open style of IT] Morschheimer Strasse 15 67292 Kirchheimbolanden fon +49 (0) 6352 70629-0 fax +49 (0) 6352 70629-30 mailto: rb...@st... www.stylite.de www.egroupware.org ________________________________________________ Geschäftsführer Andre Keller, Ralf Becker Registergericht Kaiserslautern HRB 30575 Umsatzsteuer-Id / VAT-Id: DE214280951 |
From: Ralf B. <rb...@st...> - 2011-02-14 14:56:17
|
1.8.001.20110214: * eMail: fix for a problem reported with FreeBSD regarding the generation of random strings for temp-filenames * Notifications: fix dont try to notify when none is set/forced for folders to check for new mails; dont try to notify when email as module is not enabled for the particular user * eMail: remove invalid -at- when occurring in full name, when adding address to email; skip addresses that produce a parse error while parsed with imap_rfc822_parse_adrlist * eMail: fixed error reported with the user-list: Warning on Felamimail, error array_merge in line 1600 * fixed birthday of contacts/accounts in LDAP could not be modified in addressbook * WiKi: Edit permissions now do imply read permissions * ImportExport: Replace CRLF with LF so excel does not break lines early (myStylite#974) * CSV Export: Replace CRLF with LF so excel does not break lines early (myStylite#974) * ProjectManager config allow non-admin to change working times was not working * Calendar: invite rights, should NOT implicate a freebusy rights (users with invite rights could see freebusy times of other users) * JSCalendar: fixed week containing 4th Jan is shown as 52th instead 1st week, if week starts on sunday is selected * dont give sql error in gathering statistic data, if table does not exists (eg. Gallery is not installed) * Weeknumbers in calendar views, were wrong for week-start-day other then Monday * addressbook: check if typefilter is valid (type available), if not remove it * addressbook: postgres compatibility for distributionlists * eMail: not filtering own(ed) emailaddresses out of drafts while reopening them for continued processing * calendar: PANAMA holidays provided by rafael chacon * eMail: preview now requires user action (click on) * fixed "undefined function lang_select" issue, if no cookies are allowed, also showing again language selection for new installs * Calendar: fixed overlapping columns to result in equally wide visible parts for unlimited number of columns * SambaAdmin: try binded as $accountDN with $_newPassword, in case root DN has no rights to modify anything -- Ralf Becker <rb...@st...> Mon, 14 Feb 2011 15:04:52 +0100 -- Ralf Becker Director Software Development Stylite GmbH [open style of IT] Morschheimer Strasse 15 67292 Kirchheimbolanden fon +49 (0) 6352 70629-0 fax +49 (0) 6352 70629-30 mailto: rb...@st... www.stylite.de www.egroupware.org ________________________________________________ Geschäftsführer Andre Keller, Ralf Becker Registergericht Kaiserslautern HRB 30575 Umsatzsteuer-Id / VAT-Id: DE214280951 |