[SECURITY] [DLA 1484-1] squirrelmail security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1484-1] squirrelmail security update
From: Chris Lamb <lamby@debian.org>
Date: Thu, 30 Aug 2018 16:46:21 +0100
Message-id: <[🔎] 1535643981.1003941.1491492472.6FD27754@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : squirrelmail
Version        : 2:1.4.23~svn20120406-2+deb8u3
CVE IDs        : CVE-2018-14950 CVE-2018-14951 CVE-2018-14952
                 CVE-2018-14953 CVE-2018-14954 CVE-2018-14955 
Debian Bug     : #905023

It was discovered that there were a number of Cross Site Scripting
(XSS) vulnerabilities in the squirrelmail webmail client.

For Debian 8 "Jessie", these issues has been fixed in squirrelmail
version 2:1.4.23~svn20120406-2+deb8u3.

We recommend that you upgrade your squirrelmail packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluIET4ACgkQHpU+J9Qx
HlgweA/8CQFKxZreVcFWefRLu+dsifiXhTl8FL5CPTxFGWW4synrffXBwHBziZzv
lLtq9D2sTZMKFzj1R3EcFLXmv9h1/+5GqULT7WiWEfv4yaph/YbGdsr+2jj44HhZ
7pQcMw/xbXWzVH7O8WCOELxarhWry4jZlnR9frBaeZRIYC0PJqBkMTxYKRdE1Vzp
5QDTPwIrG/OHe1lAezYE55bnb8KLiJp9WRlhN2cZ7za9QBh5GooesNLZ6IqkK08t
Z6fFObm6RdowCHSf2QL52BkLTMyhHiC93FyIit3H0iYSRxmLGTSr+mB1vGy5MpiA
uQGsqlstXnXOqWOwDtCuACAC/XTMUIBv8BqPzO1DffJVFYu3o4qhGuCwvkNCxoqx
wPaFuDWBI0Ppy5gZUNqbxfpucEomzNc7WL7aU+LSUSOSERF3GpkQKo8SFcq3zgpa
qpKTnQFfhelcUWlaAxJm20eeov4zdju6aSxnpduauPWa31V0GbkOKe51T7sfvG7Y
vnPlyj2PF4/Zq9QYpAYqNEkwUNrQjWTThCsrK4fpz6hZIMVuiZv4DCdsGDGhzgG8
UNZ70dKPa/XgQBnSArafzUVUu94qjUPezDWThIQT45XRe/2xdCC1htgjApPruJ+T
6NT10MRL2zkr6K7KEOmbf9kyt0sCYTZhJy7j71XtJFl2rb/OWGs=
=kd5F
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1482-1] libx11 security update
Next by Date: [SECURITY] [DLA 1483-1] 389-ds-base security update
Previous by thread: [SECURITY] [DLA 1482-1] libx11 security update
Next by thread: [SECURITY] [DLA 1483-1] 389-ds-base security update
Index(es):
- Date
- Thread