[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted squirrelmail 2:1.4.4-8 (source all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue,  7 Mar 2006 13:08:55 +0100
Source: squirrelmail
Binary: squirrelmail
Architecture: source all
Version: 2:1.4.4-8
Distribution: stable-security
Urgency: high
Maintainer: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Changed-By: Thijs Kinkhorst <kink@squirrelmail.org>
Description: 
 squirrelmail - Webmail for nuts
Closes: 354062 354063 354064 355424
Changes: 
 squirrelmail (2:1.4.4-8) stable-security; urgency=high
 .
   * Fix IMAP command injection in sqimap_mailbox_select
     with upstream patch. [CVE-2006-0377] (Closes: #354063)
   * Fix possible XSS in MagicHTML, concerning the parsing
     of u\rl and comments in styles. Internet Explorer
     specific. [CVE-2006-0195] (Closes: #354062)
   * Fix possible cross site scripting through the right_main
     parameter of webmail.php. This now uses a whitelist of
     acceptable values. [CVE-2006-0188] (Closes: #354064, #355424)
Files: 
 140546ee9c0534419ddcaf3c7e632110 678 web optional squirrelmail_1.4.4-8.dsc
 f50548b6f4f24d28afb5e6048977f4da 575871 web optional squirrelmail_1.4.4.orig.tar.gz
 15ddd8f4db234006a1ac290087640dfc 24654 web optional squirrelmail_1.4.4-8.diff.gz
 2087dcea05cd5e1c4033f15cf120761a 570472 web optional squirrelmail_1.4.4-8_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEDvGxXm3vHE4uyloRAn2ZAJwN1Zs9zK3jMUyh9xRrr4HUtmOQNwCeLy4L
/FHjFyLK/gah37AB2DoXg74=
=Nfw/
-----END PGP SIGNATURE-----


Accepted:
squirrelmail_1.4.4-8.diff.gz
  to pool/main/s/squirrelmail/squirrelmail_1.4.4-8.diff.gz
squirrelmail_1.4.4-8.dsc
  to pool/main/s/squirrelmail/squirrelmail_1.4.4-8.dsc
squirrelmail_1.4.4-8_all.deb
  to pool/main/s/squirrelmail/squirrelmail_1.4.4-8_all.deb
Reply to: