You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa zarafa

Sigurnosni nedostatak programskog paketa zarafa

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2015-11-23 18:16:20.221071

Name : zarafa
Product : Fedora 21
Version : 7.1.14
Release : 1.fc21
Summary : Open Source Edition of the Zarafa Collaboration Platform
Description :
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The
Open Source Collaboration provides an integration with your existing Linux
mail server, native mobile phone support by ActiveSync compatibility and a
webaccess with ‘Look & Feel’ similar to Outlook using Ajax. Including an
IMAP and a POP3 gateway as well as an iCal/CalDAV gateway, the Zarafa Open
Source Collaboration can combine the usability with the stability and the
flexibility of a Linux server.

The proven Zarafa groupware solution is using MAPI objects, provides a MAPI
client library as well as programming interfaces for C++, PHP and Python.
The other Zarafa related packages need to be installed to gain all features
and benefits of the Zarafa Collaboration Platform (ZCP).

Update Information:

Zarafa Collaboration Platform 7.1.14 final [51822]
================================================== – ZCP-13581: update fck-
editor (for webaccess) to solve CVE-2012-4000 – ZCP-13572: CVE-2015-6566 –
zarafa-autorespond suffers from a potential local privilege escalation –
ZCP-13087: Meeting requests are not being sent with Thunderbird Lightning due to
new functionality – ZCP-13608: Attachments are missing in the Sent items folder
when using a cache profile – ZCP-13243: ser_safe_mode falsely reports that it
would delete users

[ 1 ] Bug #1263006 – CVE-2015-6566 zarafa: Potential local privilege escalation in zarafa-autorespond

This update can be installed with the “yum” update program. Use
su -c ‘yum update zarafa’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarijo Plepelic
Cert idNCERT-REF-2015-11-0029-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa mingw-freeimage

Otkriven je sigurnosni nedostatak u programskom paketu mingw-freeimage. Otkriveni nedostatak je uzrokovan cjelobrojnim prepisivanjem i potencijalnim napadačima omogućuje izvođenje napada...