Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora: Moderate Fix for CSRF Vulnerability in SquirrelMail 2009-8822

fedora
Calendar Grey August 20, 2009
Dist Fedora Esm H88
Security update for Fedora 11 tackling CSRF vulnerabilities in SquirrelMail through enhanced validation protocols.
- Implemented page referal verification mechanism

Summary

SquirrelMail is a basic webmail package written in PHP4. It

includes built-in pure PHP support for the IMAP and SMTP protocols, and

all pages render in pure HTML 4.0 (with no Javascript) for maximum

compatibility across browsers. It has very few requirements and is very

easy to configure and install.

Update Information:

- Implemented page referal verification mechanism. (Secunia Advisory SA34627) - Implemented security token system. (Secunia Advisory SA34627)

Topics%20covered

Topics Covered

security advisory software update Fedora SquirrelMail CSRF issue

Change Log

* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2 - fix #517312 - CSRF issues in all forms (SA34627)

References


[ 1 ] Bug #517312 - squirrelmail: CSRF issues in all forms https://bugzilla.redhat.com/show_bug.cgi?id=517312

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update squirrelmail' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: squirrelmail
Product: Fedora 11
Version: 1.4.19
Release: 2.fc11
URL: https://www.squirrelmail.org/
Summary: SquirrelMail webmail client

Topics%20covered

Topics Covered

security advisory software update Fedora SquirrelMail CSRF issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here