-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 11 May 2007 18:39:34 -0600
Source: squirrelmail
Binary: squirrelmail
Architecture: source
Version: 2:1.4.9a-1ubuntu0.1
Distribution: feisty-security
Urgency: low
Maintainer: Jeroen van Wolffelaar <[EMAIL PROTECTED]>
Changed-By: leonel <[EMAIL PROTECTED]>
Description:
squirrelmail - Webmail for nuts
Launchpad-Bugs-Fixed: 113725
Changes:
squirrelmail (2:1.4.9a-1ubuntu0.1) feisty-security; urgency=low
.
[SECURITY]
* functions/mime.php,
src/compose.php,
src/view_text.php:
- Validate input to resolve XSS in HTML filter
- Updated to fix regression in initial patch
LP: #113725.
* References:
CVE-2007-1262
http://www.squirrelmail.org/security/issue/2007-05-09
Files:
5fd84cf7801aa82321b15f5702c973a6 739 web optional squirrelmail_1.4.9a-1ubuntu0.
1.dsc
c494e3a735f99c07360552d68d35fc62 23563 web optional squirrelmail_1.4.9a-1ubuntu
0.1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGRRaye9GwFciKvaMRAgwgAJ9QsdTduNEL5DzaNbzzc8j4TrDDEwCdFuES
r4GZYgU99kmCJBXWomLEgts=
=YRM/
-----END PGP SIGNATURE-----
** Changed in: squirrelmail (Ubuntu Feisty)
Status: Confirmed => In Progress
--
Cross site scripting in HTML filter
https://bugs.launchpad.net/bugs/113725
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
