——————————————————————————–
Fedora Update Notification
FEDORA-2015-8479
2015-05-19 11:37:55
——————————————————————————–

Name : zarafa
Product : Fedora 20
Version : 7.1.12
Release : 2.fc20
URL : http://www.zarafa.com/
Summary : Open Source Edition of the Zarafa Collaboration Platform
Description :
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The
Open Source Collaboration provides an integration with your existing Linux
mail server, native mobile phone support by ActiveSync compatibility and a
webaccess with ‘Look & Feel’ similar to Outlook using Ajax. Including an
IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open
Source Collaboration can combine the usability with the stability and the
flexibility of a Linux server.

The proven Zarafa groupware solution is using MAPI objects, provides a MAPI
client library as well as programming interfaces for C++, PHP and Python.
The other Zarafa related packages need to be installed to gain all features
and benefits of the Zarafa Collaboration Platform (ZCP).

——————————————————————————–
Update Information:

– Upgrade to 7.1.12 (re-released)
– Backported patch from Zarafa 7.2 to fix CVE-2015-3436
——————————————————————————–
ChangeLog:

* Mon May 18 2015 Robert Scheck <robert@fedoraproject.org> 7.1.12-2
– Upgrade to 7.1.12 (re-released)
– Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151)
* Tue Apr 7 2015 Robert Scheck <robert@fedoraproject.org> 7.1.12-1
– Upgrade to 7.1.12
– Added multiple minor enhancement and bugfix patches
– Added patch to fix CVE-2014-0103 for PHP < 5.3 (#1073618)
– Handle “su” option in logrotate >= 3.8.0 to avoid errors
* Sat Oct 25 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 7.1.11-2
– Rebuild for reference-counting-enabled clucene09
* Wed Oct 15 2014 Robert Scheck <robert@fedoraproject.org> 7.1.11-1
– Upgrade to 7.1.11 (#1139442)
– Removed bundled PHP PEAR files/libraries
– Added patch to allow mitigation of SSLv3/POODLE vulnerability
– Added patch to implement ECDHE support (depending on OpenSSL)
– Added patch to allow plaintext authentication from 127.0.0.1
* Tue Aug 26 2014 David Tardon <dtardon@redhat.com> – 7.1.10-5
– rebuild for ICU 53.1
* Mon Aug 25 2014 Robert Scheck <robert@fedoraproject.org> 7.1.10-4
– Fixed multiple incorrect default permissions (#1133439)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 7.1.10-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Mon Jul 14 2014 Robert Scheck <robert@fedoraproject.org> 7.1.10-3
– Rebuild for gSOAP 2.8.17
* Fri Jul 11 2014 Robert Scheck <robert@fedoraproject.org> 7.1.10-2
– Added a workaround to really support MariaDB (#995870)
– Re-added a patch to allow building without zarafa-search
* Sun Jun 29 2014 Robert Scheck <robert@fedoraproject.org> 7.1.10-1
– Upgrade to 7.1.10
* Fri Jun 20 2014 Remi Collet <rcollet@redhat.com> – 7.1.9-2.1
– rebuild for https://fedoraproject.org/wiki/Changes/Php56
– add numerical prefix to extension configuration file
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 7.1.9-2.1
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 22 2014 Petr Machata <pmachata@redhat.com> – 7.1.9-2
– Rebuild for boost 1.55.0
* Thu May 1 2014 Robert Scheck <robert@fedoraproject.org> 7.1.9-1
– Upgrade to 7.1.9
* Fri Feb 21 2014 Robert Scheck <robert@fedoraproject.org> 7.1.8-3
– Upgrade to 7.1.8 (re-released)
* Fri Feb 14 2014 Parag Nemade <paragn AT fedoraproject DOT org> – 7.1.8-2
– Rebuild for icu 52
* Thu Jan 30 2014 Robert Scheck <robert@fedoraproject.org> 7.1.8-1
– Upgrade to 7.1.8 (#1056767, #1059903)
* Sun Dec 8 2013 Robert Scheck <robert@fedoraproject.org> 7.1.7-1
– Upgrade to 7.1.7 (#1008068)
– Added dependency from gateway and spooler to python-MAPI
– Added requirements to virtual libvmime ABI/API provides
——————————————————————————–
References:

[ 1 ] Bug #1222151 – CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1222151
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update zarafa’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-8487
2015-05-19 11:38:29
——————————————————————————–

Name : zarafa
Product : Fedora 21
Version : 7.1.12
Release : 2.fc21
URL : http://www.zarafa.com/
Summary : Open Source Edition of the Zarafa Collaboration Platform
Description :
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The
Open Source Collaboration provides an integration with your existing Linux
mail server, native mobile phone support by ActiveSync compatibility and a
webaccess with ‘Look & Feel’ similar to Outlook using Ajax. Including an
IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open
Source Collaboration can combine the usability with the stability and the
flexibility of a Linux server.

The proven Zarafa groupware solution is using MAPI objects, provides a MAPI
client library as well as programming interfaces for C++, PHP and Python.
The other Zarafa related packages need to be installed to gain all features
and benefits of the Zarafa Collaboration Platform (ZCP).

——————————————————————————–
Update Information:

– Upgrade to 7.1.12 (re-released)
– Backported patch from Zarafa 7.2 to fix CVE-2015-3436
——————————————————————————–
ChangeLog:

* Mon May 18 2015 Robert Scheck <robert@fedoraproject.org> 7.1.12-2
– Upgrade to 7.1.12 (re-released)
– Backported patch from Zarafa 7.2 to fix CVE-2015-3436 (#1222151)
* Tue Apr 7 2015 Robert Scheck <robert@fedoraproject.org> 7.1.12-1
– Upgrade to 7.1.12
– Added multiple minor enhancement and bugfix patches
– Added patch to fix CVE-2014-0103 for PHP < 5.3 (#1073618)
– Handle “su” option in logrotate >= 3.8.0 to avoid errors
* Sat Oct 25 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 7.1.11-2
– Rebuild for reference-counting-enabled clucene09
——————————————————————————–
References:

[ 1 ] Bug #1222151 – CVE-2015-3436 zarafa: Overwrite arbitrary files in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1222151
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update zarafa’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce