[Secure-testing-team] Bug#528528: [squirrelmail] Please bring latest security-fix release 1.4.18
Philippe Teuwen
phil at teuwen.org
Wed May 13 13:03:43 UTC 2009
Package: squirrelmail
Version: 2:1.4.15-4
Severity: normal
Tags: security
X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org
ANNOUNCE: SquirrelMail 1.4.18 Released
May 12, 2009 by Paul Lesniewski
The SquirrelMail Team is pleased to announce the release of
SquirrelMail version 1.4.18. The most notable changes for this version
are several security fixes, including a couple XSS exploits, a session
fixation issue, and an obscure but dangerous server-side code execution
hole. However, this version also includes three new languages and more
than a few enhancements to things such as the filters plugin, the
address book system and other things under the hood. For more complete
details, see the ReleaseNotes and ChangeLog files included in this
release (they have moved to the doc/ directory). We advise all users of
SquirrelMail software to upgrade. You can download it here.
See also http://www.securityfocus.com/bid/34916/info
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.26-1-486
Debian Release: squeeze/sid
990 testing security.debian.org
990 testing ftp.be.debian.org
500 unstable www.emdebian.org
500 unstable www.debian-multimedia.org
500 unstable sidux.net
500 unstable ftp.be.debian.org
500 unstable debian.jones.dk
500 stable www.debian-multimedia.org
500 stable security.debian.org
1 experimental ftp.be.debian.org
--- Package information. ---
Package's Depends field is empty.
Package's Recommends field is empty.
Package's Suggests field is empty.
More information about the Secure-testing-team
mailing list