squirrelmail (2:1.4.23~svn20120406-2+deb8u2build0.14.04.1) trusty-security;
urgency=medium
* fake sync from Debian
squirrelmail (2:1.4.23~svn20120406-2+deb8u2) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Path traversal vulnerability (CVE-2018-8741)
Directory traversal flaw in Deliver.class.php can allow a remote
attacker to retrieve or delete arbitrary files. (Closes: #893202)
Date: 2018-04-10 12:24:21.058305+00:00
Changed-By: [email protected] (Leonidas S. Barbosa)
Maintainer: Jeroen van Wolffelaar <[email protected]>
https://launchpad.net/ubuntu/+source/squirrelmail/2:1.4.23~svn20120406-2+deb8u2build0.14.04.1
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
