diff --git a/bundles/groupware/docs/CHANGES b/bundles/groupware/docs/CHANGES
index 6ce9d5e5215..ac27e76ac10 100644
--- a/bundles/groupware/docs/CHANGES
+++ b/bundles/groupware/docs/CHANGES
@@ -2,6 +2,10 @@
v5.2.10-git
-----------
+Files Changes
+-------------
+[mjr] SECURITY: Fix XSS vulnerability when viewing directory contents
+ (Discovered by http://www.beyondsecurity.com/ssd.html).
------
diff --git a/bundles/groupware/docs/RELEASE_NOTES b/bundles/groupware/docs/RELEASE_NOTES
index 1e41f51c535..c814a05fc7a 100644
--- a/bundles/groupware/docs/RELEASE_NOTES
+++ b/bundles/groupware/docs/RELEASE_NOTES
@@ -1,11 +1,11 @@
for
+discovering the vulnerability.
+
+The major changes compared to the Horde Groupware version 5.2.9 are:
+ * SECURITY: Fix XSS vulnerability in Files application when viewing
+ directory contents.
ML;
$notes['name'] = 'Horde Groupware';
diff --git a/bundles/groupware/package.xml b/bundles/groupware/package.xml
index 1074321674d..2f6b301731e 100644
--- a/bundles/groupware/package.xml
+++ b/bundles/groupware/package.xml
@@ -21,7 +21,7 @@
OSI certified
-*
+* [mjr] Update Gollem.
@@ -83,7 +83,7 @@
gollem
pear.horde.org
- 3.0.4
+ 3.0.5
4.0.0alpha1
4.0.0alpha1
@@ -613,7 +613,7 @@
2015-08-02
OSI certified
-*
+* [mjr] Update Gollem.
diff --git a/bundles/webmail/docs/CHANGES b/bundles/webmail/docs/CHANGES
index 92cee237e5e..c568d32b55e 100644
--- a/bundles/webmail/docs/CHANGES
+++ b/bundles/webmail/docs/CHANGES
@@ -2,6 +2,10 @@
v5.2.10-git
-----------
+Files Changes
+-------------
+[mjr] SECURITY: Fix XSS vulnerability when viewing directory contents
+ (Discovered by http://www.beyondsecurity.com/ssd.html).
------
diff --git a/bundles/webmail/docs/RELEASE_NOTES b/bundles/webmail/docs/RELEASE_NOTES
index b46ac55e6dd..4dd6181a265 100644
--- a/bundles/webmail/docs/RELEASE_NOTES
+++ b/bundles/webmail/docs/RELEASE_NOTES
@@ -1,11 +1,11 @@
for
+discovering the vulnerability.
- * Release to fix application versions in package file. No other changes from
- version 5.2.8.
+The major changes compared to the Horde Groupware Webmail Edition version 5.2.9
+are:
+ * SECURITY: Fix XSS vulnerability in Files application when viewing
+ directory contents.
ML;
$notes['name'] = 'Horde Groupware Webmail Edition';
diff --git a/bundles/webmail/package.xml b/bundles/webmail/package.xml
index 49ecacf9513..906e6f40408 100644
--- a/bundles/webmail/package.xml
+++ b/bundles/webmail/package.xml
@@ -21,7 +21,7 @@
OSI certified
-*
+* [mjr] Update Gollem.
@@ -667,7 +667,7 @@
2015-08-02
OSI certified
-*
+* [mjr] Update Gollem.