ERRATA: [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail

From: Kurt Lieber (klieber_at_gentoo.org)
Date: 05/25/04

  • Next message: Conectiva Updates: "[CLA-2004:842] Conectiva Security Announcement - mailman"
    Date: Tue, 25 May 2004 14:12:55 -0400
    To: gentoo-announce@lists.gentoo.org
    
    
    

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200405-16:02
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      Severity: Normal
         Title: Multiple XSS Vulnerabilities in SquirrelMail
          Date: May 25, 2004
          Bugs: #49675
            ID: 200405-16:02

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Errata
    ======
    The original version of this Security Advisory listed the vulnerable
    versions incorrectly. Whereas the original GLSA listed vulnerable versions
    as "<= 1.4.2" it should have in fact been listed as "< 1.4.3_rc1". The
    corrected "Affected Packages" section appears below.

    Affected packages
    =================

        -------------------------------------------------------------------
         Package / Vulnerable / Unaffected
        -------------------------------------------------------------------
      1 net-mail/squirrelmail < 1.4.3_rc1 >= 1.4.3_rc1

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

         http://security.gentoo.org/glsa/glsa-200405-16.xml

    License
    =======

    Copyright 2004 Gentoo Technologies, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/1.0

    
    



  • Next message: Conectiva Updates: "[CLA-2004:842] Conectiva Security Announcement - mailman"