<?php
/**
 * Release focus. Possible values:
 * 0 - N/A
 * 1 - Initial freshmeat announcement
 * 2 - Documentation
 * 3 - Code cleanup
 * 4 - Minor feature enhancements
 * 5 - Major feature enhancements
 * 6 - Minor bugfixes
 * 7 - Major bugfixes
 * 8 - Minor security fixes
 * 9 - Major security fixes
 */
$this->notes['fm']['focus'] = 8;

/* Mailing list release notes. */
$this->notes['ml']['changes'] = <<<ML
The Horde Team is pleased to announce the final release of the Turba Contact
Manager version H3 (2.0.5).

This is a security release that fixes cross site scripting
vulnerabilities in several of the address book name and contact data
fields. None of the vulnerabilities can be exploited by
unauthenticated users; however, we strongly recommend that all users
of Turba 2.0.4 upgrade to 2.0.5 as soon as possible.

Many thanks to Johannes Greil of SEC Consult
(http://www.sec-consult.com/) for reporting these problems and working
with us to test the fixes.

Turba is the Horde contact management application. It is a production level
address book, and makes heavy use of the Horde framework to provide
integration with IMP and other Horde applications.

Major changes compared to the Turba version H3 (2.0.4) are:
    * Close several XSS vulnerabilities with address book and contact data.
ML;

/* Freshmeat release notes. */
$this->notes['fm']['changes'] = <<<FM
Several XSS vulnerabilities with address book and contact data have
been closed. The holes closed were only exploitable by authenticated
users.
FM;

$this->notes['name'] = 'Turba';
$this->notes['fm']['project'] = 'turba';
$this->notes['fm']['branch'] = 'Horde 3';
