Accepted squirrelmail 1:1.2.6-1.4 (all source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 31 Jul 2004 13:26:35 +0200
Source: squirrelmail
Binary: squirrelmail
Architecture: source all
Version: 1:1.2.6-1.4
Distribution: stable-security
Urgency: high
Maintainer: Sam Johnston <samj@debian.org>
Changed-By: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Description:
squirrelmail - Webmail for nuts
Closes: 257961 257972 257973
Changes:
squirrelmail (1:1.2.6-1.4) stable-security; urgency=high
.
* Non-maintainer upload for security issues. Thanks to Thijs Kinkhorst for
tracking down the 1.2.x issues
* [CAN-2004-0521] Fix SQL injection vulnerability when using
addressbook-in-SQL-database (Closes: #257961)
* [CAN-2004-0519, CAN-2004-0520] Fix multiple XSS issues, some exploitable
by incoming email (Closes: #257972)
* [CAN-2004-0639] Backport fixes for multiple XSS issues found between 1.2.6
and 1.2.12, some exploitable by incoming email (Closes: #257973)
* Fix a bug preventing the Table of Contents of the Help system to be shown,
which was introduced in the 1:1.2.6-1.1 security update.
Files:
9e3f6fb2b152cb6086be738abc5e1021 586 web optional squirrelmail_1.2.6-1.4.dsc
0f07dc4c32a8356344ba5f39d6c2373a 20493 web optional squirrelmail_1.2.6-1.4.diff.gz
34057494a43f7a136276d821956e010a 1840376 web optional squirrelmail_1.2.6-1.4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBDu8IArxCt0PiXR4RAnr3AKCjwzCxLLh7i9CJI9AH9YTZBzRpPgCg32ci
h7ggm8mmQyBOM5RyWPQfJFg=
=pX45
-----END PGP SIGNATURE-----
Accepted:
squirrelmail_1.2.6-1.4.diff.gz
to pool/main/s/squirrelmail/squirrelmail_1.2.6-1.4.diff.gz
squirrelmail_1.2.6-1.4.dsc
to pool/main/s/squirrelmail/squirrelmail_1.2.6-1.4.dsc
squirrelmail_1.2.6-1.4_all.deb
to pool/main/s/squirrelmail/squirrelmail_1.2.6-1.4_all.deb
Reply to: