Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Fedora 29: FEDORA-2019-1a87523729 Moderate: SquirrelMail XSS Issue

fedora
Calendar Grey August 20, 2019
Dist Fedora Esm H88
Roundcube for Fedora 29 enhanced with critical security updates. Discover major upgrades and identified weaknesses.
updated to 1.4 branch snapshot containing several security fixes

Summary

SquirrelMail is a basic webmail package written in PHP4. It

includes built-in pure PHP support for the IMAP and SMTP protocols, and

all pages render in pure HTML 4.0 (with no JavaScript) for maximum

compatibility across browsers. It has very few requirements and is very

easy to configure and install.

updated to 1.4 branch snapshot containing several security fixes

* Wed Jul 10 2019 Michal Hlavinka - 1.4.23-1.20190710

- squirrelmail updated to newer snapshot

* Sun Feb 3 2019 Fedora Release Engineering - 1.4.23-1.20180816

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[ 1 ] Bug #1616100 - CVE-2018-14955 squirrelmail: persistent XSS in message display via SVG animations [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1616100

[ 2 ] Bug #1616097 - CVE-2018-14954 squirrelmail: persistent XSS in message display the formaction attribute [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1616097

[ 3 ] Bug #1616094 - CVE-2018-14953 squirrelmail: persistent XSS in message display via a "

Change Log

References

Update Instructions

Product: Fedora 29
Version: 1.4.23
Release: 1.fc29.20190710
Summary: webmail client written in php

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.