Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Red Hat: RHSA-2005:595-02 Moderate: SquirrelMail Cross-Site Scripting Fix

red hat
Calendar Grey August 5, 2005
Dist Redhat Esm H88
Critical enhancement patch for squirrelmail released by Red Hat resolving multiple concerns impacting email access features.
An updated squirrelmail package that fixes two security issues is now available

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

Additionally, users will have to bring up the "Network Proxy" dialog and reset their keys for the settings to take place.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

160241 - CAN-2005-1769 Multiple XSS issues in squirrelmail 162275 - CAN-2005-2095 squirrelmail cross site posting issue


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS: 51264a9a13d8166c6a0d45893043136a squirrelmail-1.4.3a-11.EL3.src.rpm

noarch: 8bae28c011cc422745118524c6f9e4d5 squirrelmail-1.4.3a-11.EL3.noarch.rpm

Red Hat Desktop version 3:

SRPMS: 51264a9a13d8166c6a0d45893043136a squirrelmail-1.4.3a-11.EL3.src.rpm

noarch: 8bae28c011cc422745118524c6f9e4d5 squirrelmail-1.4.3a-11.EL3.noarch.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS: 51264a9a13d8166c6a0d45893043136a squirrelmail-1.4.3a-11.EL3.src.rpm

noarch: 8bae28c011cc422745118524c6f9e4d5 squirrelmail-1.4.3a-11.EL3.noarch.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS: 51264a9a13d8166c6a0d45893043136a squirrelmail-1.4.3a-11.EL3.src.rpm

noarch: 8bae28c011cc422745118524c6f9e4d5 squirrelmail-1.4.3a-11.EL3.noarch.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS: 95770004b2ff1aa0f0ed3819e8b077a0 squirrelmail-1.4.3a-12.EL4.src.rpm

noarch: d5cbae9acad77bd520328aed41841904 squirrelmail-1.4.3a-12.EL4.noarch.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 95770004b2ff1aa0f0ed3819e8b077a0 squirrelmail-1.4.3a-12.EL4.src.rpm

noarch: d5cbae9acad77bd520328aed41841904 squirrelmail-1.4.3a-12.EL4.noarch.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 95770004b2ff1aa0f0ed3819e8b077a0 squirrelmail-1.4.3a-12.EL4.src.rpm

noarch: d5cbae9acad77bd520328aed41841904 squirrelmail-1.4.3a-12.EL4.noarch.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 95770004b2ff1aa0f0ed3819e8b077a0 squirrelmail-1.4.3a-12.EL4.src.rpm

noarch: d5cbae9acad77bd520328aed41841904 squirrelmail-1.4.3a-12.EL4.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CAN-2005-2095 https://www.cve.org/CVERecord?id=CAN-2005-1769

Package List


Advisory ID: RHSA-2005:595-02
Issue date: 2005-08-03
Updated on: 2005-08-05
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 3 - noarch

Red Hat Desktop version 3 - noarch

Red Hat Enterprise Linux ES version 3 - noarch

Red Hat Enterprise Linux WS version 3 - noarch

Red Hat Enterprise Linux AS version 4 - noarch

Red Hat Enterprise Linux Desktop version 4 - noarch

Red Hat Enterprise Linux ES version 4 - noarch

Red Hat Enterprise Linux WS version 4 - noarch

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here