[El-errata] ELSA-2009-0010 Moderate: Enterprise Linux 3 squirrelmail security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Mon Jan 12 17:24:53 PST 2009
Enterprise Linux Security Advisory ELSA-2009-0010
https://rhn.redhat.com/errata/RHSA-2009-0010.html
The following updated rpms for Enterprise Linux 3 have been uploaded to
the Unbreakable Linux Network:
i386:
squirrelmail-1.4.8-8.0.1.el3.noarch.rpm
x86_64:
squirrelmail-1.4.8-8.0.1.el3.noarch.rpm
SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/squirrelmail-1.4.8-8.0.1.el3.src.rpm
Description of changes:
[1.4.8-8.0.1.el3]
- Remove Redhat splash screen banners
[1.4.8-8]
- Resolves: CVE-2008-2379
- fix XSS issue caused by an insufficient html mail sanitation
[1.4.8-7]
- don't transmit cookies under non-SSL connections if the session
is started under an SSL (https) connection
- Resolves: CVE-2008-3663
More information about the El-errata
mailing list