squirrelmail-1.4.8-5.1AXS3.2
エラータID: AXSA:2009-11:01
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.
Fixed bugs:
CVE-2008-2379
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
CVE-2008-3663
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
Update packages.
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
N/A
SRPMS
- squirrelmail-1.4.8-5.1AXS3.2.src.rpm
MD5: 4f7166a753f87963d172e4d018239408
SHA-256: 70404747dd9da1d5738bcedbcbd6fb16858151936e501438ac8dbb1b4267e882
Size: 3.00 MB
Asianux Server 3 for x86
- squirrelmail-1.4.8-5.1AXS3.2.noarch.rpm
MD5: 7cba7fd9b11eeea88c52d06124a79568
SHA-256: ca610356985d54b823aeaca108a0375edb9fccd3998625a811dd78cb03668c93
Size: 4.31 MB
Asianux Server 3 for x86_64
- squirrelmail-1.4.8-5.1AXS3.2.noarch.rpm
MD5: f44e092b0d0a7c62fbdbd771f706cd6c
SHA-256: 3f8abd8c819fbfe0caba9fc272a68e90015ab8f91fe962e13a428876861920de
Size: 4.32 MB