Fedora 21: Vital Security Alert on Zarafa 7.1.12 File Replacement Threat
fedora
June 5, 2015
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436
Summary
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The
Open Source Collaboration provides an integration with your existing Linux
mail server, native mobile phone support by ActiveSync compatibility and a
webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an
IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open
Source Collaboration can combine the usability with the stability and the
flexibility of a Linux server.
The proven Zarafa groupware solution is using MAPI objects, provides a MAPI
client library as well as programming interfaces for C++, PHP and Python.
The other Zarafa related packages need to be installed to gain all features
and benefits of the Zarafa Collaboration Platform (ZCP).
Update Information:
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436
Topics Covered
Change Log
* Mon May 18 2015 Robert Scheck
References
[ 1 ] Bug #1222151 - CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1222151
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update zarafa' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: zarafa
Product: Fedora 21
Version: 7.1.12
Release: 2.fc21
Summary: Open Source Edition of the Zarafa Collaboration Platform
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!