[El-errata] ELSA-2009-0010 Moderate: Enterprise Linux 3 squirrelmail security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Mon Jan 12 17:24:53 PST 2009


Enterprise Linux Security Advisory ELSA-2009-0010

https://rhn.redhat.com/errata/RHSA-2009-0010.html

The following updated rpms for Enterprise Linux 3 have been uploaded to 
the Unbreakable Linux Network:

i386:
squirrelmail-1.4.8-8.0.1.el3.noarch.rpm

x86_64:
squirrelmail-1.4.8-8.0.1.el3.noarch.rpm


SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/squirrelmail-1.4.8-8.0.1.el3.src.rpm


Description of changes:

[1.4.8-8.0.1.el3]
- Remove Redhat splash screen banners

[1.4.8-8]
- Resolves: CVE-2008-2379
- fix XSS issue caused by an insufficient html mail sanitation

[1.4.8-7]
- don't transmit cookies under non-SSL connections if the session
  is started under an SSL (https) connection
- Resolves: CVE-2008-3663





More information about the El-errata mailing list