Fedora 25: squirrelmail Security Update
Summary
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no JavaScript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install.
fix insufficient escaping of user-supplied data (CVE-2017-7692)
[ 1 ] Bug #1445165 - CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data
https://bugzilla.redhat.com/show_bug.cgi?id=1445165
su -c 'dnf upgrade squirrelmail' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-f85c37ae3d 2017-06-02 17:35:06.903270 Product : Fedora 25 Version : 1.4.22 Release : 19.fc25 URL : https://www.squirrelmail.org/ Summary : webmail client written in php Description : SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. fix insufficient escaping of user-supplied data (CVE-2017-7692) [ 1 ] Bug #1445165 - CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data https://bugzilla.redhat.com/show_bug.cgi?id=1445165 su -c 'dnf upgrade squirrelmail' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References