ELSA-2012-0103

ULN >
Oracle Linux Errata repository >
ELSA-2012-0103

ELSA-2012-0103 - squirrelmail security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2012-02-08

Description

[1.4.8-5.0.1.el5_7.13]
- Remove Redhat splash screen images

[1.4.8-5.13]
- fix typo in CVE-20210-4555 patch

[1.4.8-5.12]
- patch for CVE-2010-2813 was not complete

[1.4.8-5.11]
- fix: CVE-2010-1637 : Port-scans via non-standard POP3 server ports in
Mail Fetch plugin
- fix: CVE-2010-2813 : DoS (disk space consumption) by random IMAP login
attempts with 8-bit characters in the password
- fix: CVE-2010-4554 : Prone to clickjacking attacks
- fix: CVE-2010-4555 : Multiple XSS flaws
[tag handling]
- fix: CVE-2011-2752 : CRLF injection vulnerability
- fix: CVE-2011-2753 : CSRF in the empty trash feature and in Index Order page

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 4 (i386)	squirrelmail-1.4.8-18.0.1.el4.src.rpm	72eec656501a24ba24028cb18743461b859e55d107542b4e42886b5fd7a26f5b	-	el4_i386_latest
	squirrelmail-1.4.8-18.0.1.el4.noarch.rpm	a704f83a0e208e9f76be899d6f5cea6f8a697e1c592535bfdd6aab6fa6763f09	-	el4_i386_latest

Oracle Linux 4 (ia64)	squirrelmail-1.4.8-18.0.1.el4.src.rpm	72eec656501a24ba24028cb18743461b859e55d107542b4e42886b5fd7a26f5b	-	el4_ia64_latest
	squirrelmail-1.4.8-18.0.1.el4.noarch.rpm	a704f83a0e208e9f76be899d6f5cea6f8a697e1c592535bfdd6aab6fa6763f09	-	el4_ia64_latest

Oracle Linux 4 (x86_64)	squirrelmail-1.4.8-18.0.1.el4.src.rpm	72eec656501a24ba24028cb18743461b859e55d107542b4e42886b5fd7a26f5b	-	el4_x86_64_latest
	squirrelmail-1.4.8-18.0.1.el4.noarch.rpm	a704f83a0e208e9f76be899d6f5cea6f8a697e1c592535bfdd6aab6fa6763f09	-	el4_x86_64_latest

Oracle Linux 5 (i386)	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_i386_latest
	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_u7_i386_patch
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_i386_latest
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_u7_i386_patch

Oracle Linux 5 (ia64)	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_ia64_latest
	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_u7_ia64_patch
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_ia64_latest
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_u7_ia64_patch

Oracle Linux 5 (x86_64)	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_u7_x86_64_patch
	squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm	fb8eabb1fb515b326cb7ab155cbe6dd61735ef0088f769ad4a157b05d513487b	ELSA-2013-0126	ol5_x86_64_latest
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_u7_x86_64_patch
	squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm	3822ceeab9c43967fcf5d4eb71cf58dcaa3081fd27ce8154014ca956ff894ab0	ELSA-2013-0126	ol5_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691