What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-4880
2009-05-12 23:51:43
--------------------------------------------------------------------------------

Name        : squirrelmail
Product     : Fedora 10
Version     : 1.4.18
Release     : 1.fc10
URL         : https://www.squirrelmail.org/
Summary     : SquirrelMail webmail client
Description :
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no Javascript) for maximum
compatibility across browsers.  It has very few requirements and is very
easy to configure and install.

--------------------------------------------------------------------------------
Update Information:

squirrelmail is now able to work with unsigned 32bit UID values with 32-bit
version of php
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2009 Michal Hlavinka  - 1.4.18-1
- updated to 1.4.18
* Wed Mar 18 2009 Michal Hlavinka  - 1.4.17-4
- don't use white text (invisible on white paper) for highlighting
  in conf.pl (#427217)
* Tue Mar 17 2009 Michal Hlavinka  - 1.4.17-3
- dont use colors in conf.pl by default (#427217)
* Thu Dec  4 2008 Michal Hlavinka  - 1.4.17-2
- add missing locales
* Thu Dec  4 2008 Michal Hlavinka  - 1.4.17-1
- update to 1.4.17 (fixes CVE-2008-2379)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #500360 - CVE-2009-1579 SquirrelMail: Server-side code injection in map_yp_alias username map
        https://bugzilla.redhat.com/show_bug.cgi?id=500360
  [ 2 ] Bug #500358 - CVE-2009-1580 SquirrelMail: Session fixation vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=500358
  [ 3 ] Bug #500356 - CVE-2009-1581 SquirrelMail: CSS positioning vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=500356
  [ 4 ] Bug #500363 - CVE-2009-1578 SquirrelMail: Multiple cross site scripting issues
        https://bugzilla.redhat.com/show_bug.cgi?id=500363
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update squirrelmail' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 10 Update: squirrelmail-1.4.18-1.fc10

May 12, 2009
squirrelmail is now able to work with unsigned 32bit UID values with 32-bit version of php

Summary

SquirrelMail is a basic webmail package written in PHP4. It

includes built-in pure PHP support for the IMAP and SMTP protocols, and

all pages render in pure HTML 4.0 (with no Javascript) for maximum

compatibility across browsers. It has very few requirements and is very

easy to configure and install.

Update Information:

squirrelmail is now able to work with unsigned 32bit UID values with 32-bit version of php

Change Log

* Tue May 12 2009 Michal Hlavinka - 1.4.18-1 - updated to 1.4.18 * Wed Mar 18 2009 Michal Hlavinka - 1.4.17-4 - don't use white text (invisible on white paper) for highlighting in conf.pl (#427217) * Tue Mar 17 2009 Michal Hlavinka - 1.4.17-3 - dont use colors in conf.pl by default (#427217) * Thu Dec 4 2008 Michal Hlavinka - 1.4.17-2 - add missing locales * Thu Dec 4 2008 Michal Hlavinka - 1.4.17-1 - update to 1.4.17 (fixes CVE-2008-2379)

References

[ 1 ] Bug #500360 - CVE-2009-1579 SquirrelMail: Server-side code injection in map_yp_alias username map https://bugzilla.redhat.com/show_bug.cgi?id=500360 [ 2 ] Bug #500358 - CVE-2009-1580 SquirrelMail: Session fixation vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=500358 [ 3 ] Bug #500356 - CVE-2009-1581 SquirrelMail: CSS positioning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=500356 [ 4 ] Bug #500363 - CVE-2009-1578 SquirrelMail: Multiple cross site scripting issues https://bugzilla.redhat.com/show_bug.cgi?id=500363

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update squirrelmail' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : squirrelmail
Product : Fedora 10
Version : 1.4.18
Release : 1.fc10
URL : https://www.squirrelmail.org/
Summary : SquirrelMail webmail client

Related News

Linux version of Qilin ransomware focuses on VMware ESXi

Dec 4, 2023

OpenSSL 3.2 Adds Support for TCP Fast Open on Linux, Argon2 KDF, and More

Nov 27, 2023

Firefox 119 Starts to Roll Out Improved Firefox View Feature, Ramps Up Privacy and Security

Oct 25, 2023

Severe Poppler DoS Flaw Fixed

Oct 25, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo