phpGroupWare 0.9.14.004 - Security and Bug Fix Release All users should install this version. There have been several vulnerabilities discovered in previous versions of phpGroupWare. One is a Cross Site Scripting exploit - see http://www.security-corporation.com/articles-20030702-005.html. The other unreported issue relates the Virtual File System being in the document root - as of this release the vfs root must be out of the webroot. Due to these security issues no previous versions of phpGroupWare will be officially supported by the phpGroupWare crew. There are some general bug fixes also included in this release. Cheers phpGroupWare Development Crew.
0.9.14.004 is in cvs
0.9.14.005 is in cvs, has some php3 fixes please send out glsa
todo: Mark stable send out GLSA
old