Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora 20: 2015-8479 Moderate: Zarafa Collaboration Patch Update

fedora
Calendar Grey June 5, 2015
Dist Fedora Esm H88
Fedora 20 introduces a vital zarafa patch to address security flaws and system issues, boosting performance. Use 'dnf update zarafa' for updates and review the changelog for specifics
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436

Summary

The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The

Open Source Collaboration provides an integration with your existing Linux

mail server, native mobile phone support by ActiveSync compatibility and a

webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an

IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open

Source Collaboration can combine the usability with the stability and the

flexibility of a Linux server.

The proven Zarafa groupware solution is using MAPI objects, provides a MAPI

client library as well as programming interfaces for C++, PHP and Python.

The other Zarafa related packages need to be installed to gain all features

and benefits of the Zarafa Collaboration Platform (ZCP).

Update Information:

- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436

Topics%20covered

Topics Covered

security advisory moderate update Fedora patch Zarafa collaboration platform

Change Log

* Mon May 18 2015 Robert Scheck 7.1.12-2 - Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151) * Tue Apr 7 2015 Robert Scheck 7.1.12-1 - Upgrade to 7.1.12 - Added multiple minor enhancement and bugfix patches - Added patch to fix CVE-2014-0103 for PHP < 5.3 (#1073618) - Handle "su" option in logrotate >= 3.8.0 to avoid errors* Sat Oct 25 2014 Kevin Kofler 7.1.11-2 - Rebuild for reference-counting-enabled clucene09 * Wed Oct 15 2014 Robert Scheck 7.1.11-1 - Upgrade to 7.1.11 (#1139442) - Removed bundled PHP PEAR files/libraries - Added patch to allow mitigation of SSLv3/POODLE vulnerability - Added patch to implement ECDHE support (depending on OpenSSL) - Added patch to allow plaintext authentication from 127.0.0.1 * Tue Aug 26 2014 David Tardon - 7.1.10-5 - rebuild for ICU 53.1 * Mon Aug 25 2014 Robert Scheck 7.1.10-4 - Fixed multiple incorrect default permissions (#1133439) * Mon Aug 18 2014 Fedora Release Engineering - 7.1.10-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Mon Jul 14 2014 Robert Scheck 7.1.10-3 - Rebuild for gSOAP 2.8.17 * Fri Jul 11 2014 Robert Scheck 7.1.10-2 - Added a workaround to really support MariaDB (#995870) - Re-added a patch to allow building without zarafa-search * Sun Jun 29 2014 Robert Scheck 7.1.10-1 - Upgrade to 7.1.10 * Fri Jun 20 2014 Remi Collet - 7.1.9-2.1 - rebuild for https://fedoraproject.org/wiki/Changes/Php56 - add numerical prefix to extension configuration file * Sat Jun 7 2014 Fedora Release Engineering - 7.1.9-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 22 2014 Petr Machata - 7.1.9-2 - Rebuild for boost 1.55.0 * Thu May 1 2014 Robert Scheck 7.1.9-1 - Upgrade to 7.1.9 * Fri Feb 21 2014 Robert Scheck 7.1.8-3 - Upgrade to 7.1.8 (re-released) * Fri Feb 14 2014 Parag Nemade - 7.1.8-2 - Rebuild for icu 52 * Thu Jan 30 2014 Robert Scheck 7.1.8-1 - Upgrade to 7.1.8 (#1056767, #1059903) * Sun Dec 8 2013 Robert Scheck 7.1.7-1 - Upgrade to 7.1.7 (#1008068) - Added dependency from gateway and spooler to python-MAPI - Added requirements to virtual libvmime ABI/API provides

References


[ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem https://bugzilla.redhat.com/show_bug.cgi?id=1222151

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update zarafa' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: zarafa
Product: Fedora 20
Version: 7.1.12
Release: 2.fc20
URL: https://www.kopano.cloud/
Summary: Open Source Edition of the Zarafa Collaboration Platform

Topics%20covered

Topics Covered

security advisory moderate update Fedora patch Zarafa collaboration platform

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here